> my pf.conf
> # macros
> int_if = "fxp0"
> ext_if = "ep0"
> tcp_services = "{ 22, 113 }"
> icmp_types = "echoreq"
> priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
> # options
> set block-policy return
> set loginterface $ext_if
> # scrub
> scrub in all
> # nat/rdr
> nat on $ext_if from $int_if:network to any -> ($ext_if)
> rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 \
> port 8021
> # filter rules
> block all
> pass quick on lo0 all
> block drop in quick on $ext_if from $priv_nets to any
> block drop out quick on $ext_if from any to $priv_nets
> pass in on $ext_if inet proto tcp from any to ($ext_if) \
> port $tcp_services flags S/SA keep state
> pass in inet proto icmp all icmp-type $icmp_types keep state
> pass in on $int_if from $int_if:network to any keep state
> pass out on $int_if from any to $int_if:network keep state
> pass out on $ext_if proto tcp all modulate state flags S/SA
> pass out on $ext_if proto { udp, icmp } all keep state
> here my dhcp.conf
dhcpd.conf?
> 169.254.254.214
APIPA-address, you get this when dhcp is not available.
but i guess it's because you didn't define $int_ifnetwork in pf.conf