I also forgot to mention: You should probably log your block rule so that you can see what's going on if things don't work as expected.
So: block in log on $ext_if Note the lack of "quick" as well, as previously mentioned. With logging enabled, provided you have pflog running (which you should), you can use the following to see what's being blocked. tcpdump -n -e -ttt -i pflog0 (provided pflog0 is your pflog interface). Regards, Mike
Description: PGP signature