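# pf.conf: default-deny inbound on the external interface, with per-source
# allowances. None of these rules is "quick", so pf applies the LAST rule
# that matches a packet: the block below is the baseline and the pass rules
# after it carve out the exceptions.

# Macros
ext_if = "nfe0"
int_if = "nfe1"

# Hostnames in a table are resolved once, when the ruleset is loaded. The
# table then holds whatever addresses DNS returned at that moment, so reload
# after a record changes and treat the DNS answers as part of the trust
# boundary for this allow list.
table <friends> { some.dns.name1, somedns.name2, somedns.name3, some.dns.name4 }

# Options
set block-policy drop

# Normalization
scrub in all

# Filtering: deny inbound on the external side by default.
block in on $ext_if
antispoof for $ext_if inet

# "modulate state" only affects TCP; UDP and ICMP get ordinary state tracking.
pass out on $ext_if proto { tcp, udp, icmp } all modulate state

# NOTE(review): 164.168.1.2/24 is a host address with a /24 mask, so the rule
# covers the whole /24. The prefix also differs from the 192.168.1.2/24 used
# on the next rule; confirm it is not a typo.
pass in on $int_if from { 164.168.1.2/24 } to any

# NOTE(review): this admits every protocol and port from an entire /24 on the
# EXTERNAL interface, overriding the default block for that range. If nfe0
# faces an untrusted network, a source address in this range is only as
# trustworthy as the upstream filtering; narrow it to the hosts, protocol and
# ports actually needed.
pass in on $ext_if from { 192.168.1.2/24 } to any

# Per-source TCP allowances. The source addresses are redacted in this
# listing, so the rules are kept one per line rather than merged.
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 80
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 2010
# NOTE(review): 444 here, but 443 in the <friends> rule below; confirm which
# port is intended.
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 444
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6500
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6501
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6502
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6503
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6504
# NOTE(review): port 6505 is listed twice; if both redacted sources are the
# same address, one of these two rules is redundant.
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6505
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6505
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6506
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6507
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6508
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6509
pass in on $ext_if proto tcp from { xxx.xxx.xxx.xxx } to $ext_if port 6510

# Fixed: the original read "to { 80, 443, 2010, 6500-6510 }". Without the
# "port" keyword the braces are a destination ADDRESS list, not a port list,
# and pf writes an inclusive port range with ":" rather than "-". The rule is
# limited to TCP and to $ext_if to match the per-source rules above.
pass in on $ext_if proto tcp from <friends> to $ext_if port { 80, 443, 2010, 6500:6510 }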
That is my pf.conf file now, in case anyone else who is just starting out with FreeBSD finds it useful.