When I try to run cvs for src/ports/xenocara it doesn't work, but when I disable PF it works fine. What is the issue? What port do I allow out to install from ports? How can I tighten up my rules?
ext_if = "dc0" int_if = "lo0" block all match in all scrub (no-df random-id) antispoof quick for { $ext_if, $int_if } pass in quick on $ext_if proto tcp from 192.168.1.1 port 22 pass quick proto tcp from any to any port ssh \ flags S/SA keep state \ (max-src-conn 1, max-src-conn-rate 1/60) pass out on $ext_if proto tcp from port 22