Useful Tip #1: set skip

exclude an interface (interface group) from any filtering:

       set skip on lo

- filtering on loopback is almost never useful, confuses apps

and if you want to do all your filtering on egress:

       set skip on { lo, $int_if }

Load the sample file

$ sudo pfctl -vnf samples/example008