Often times when you beginning any form of learning in regards to setting up a firewall, you struggle to do things that are practical.
If you are testing out an OpenBSD firewall and need to setup a gateway to NAT traffic (two nics – one internal to a switch and another public facing), here is the rule.
This will allow a NAT from the private range (private network) to the public (external interface).
You need only this in the pf.conf, and from there you can build your “block rules”.
set skip on lo
internal = “em0”
external = “rl0”
# NAT RULE (modified in newer version of ipf)
pass out on rl0 from em0:network to any nat-to (rl0)