PF troubles on OpenBSD 5.0

I am setting up a system as an ADSL gateway. ADSL is working fine. PF is not forwarding for some reason.

# ifconfig                                                              
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33196
        priority: 0
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet 127.0.0.1 netmask 0xff000000
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:a0:c9:84:98:5f
        priority: 0
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::2a0:c9ff:fe84:985f%fxp0 prefixlen 64 scopeid 0x1
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:06:5b:20:f0:b3
        priority: 0
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 10.0.0.2 netmask 0xff000000 broadcast 10.255.255.255
        inet6 fe80::206:5bff:fe20:f0b3%xl0 prefixlen 64 scopeid 0x2
enc0: flags=0<>
        priority: 0
        groups: enc
        status: active
pppoe0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1492
        priority: 0
        dev: fxp0 state: session
        sid: 0x213 PADI retries: 0 PADR retries: 0 time: 00:08:23
        sppp: phase network authproto pap authname "johnubis@tpg.com.au" 
        groups: pppoe egress
        status: active
        inet6 fe80::2a0:c9ff:fe84:985f%pppoe0 ->  prefixlen 64 scopeid 0x5
        inet 220.245.128.9 --> 202.7.179.48 netmask 0xffffffff
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33196
        priority: 0
        groups: pflog
# cat /etc/pf.conf
int_if="xl0"
ext_if="pppoe0"
wan_if="fxp0"

thenetwrk="10.0.0.0/8"
rothbard="10.0.0.10"
baal="10.0.0.2"
smass="10.0.0.1"

etcp_services="{22}"
itcp_services="{22,53}"
icmp_types="echoreq"

ports_rothbard="{17000,17001,17002,17003,17004,17005,2322}"
ports_smass="{17100,17101,17102,17103,17104,17105,2222}"

set block-policy return
set loginterface $ext_if
set skip on lo
set skip on $wan_if

anchor "ftp-proxy/*"

pass in quick on $int_if inet proto tcp to any port ftp \
    divert-to 127.0.0.1 port 8021

match out on $ext_if from 10.0.0.0/8 to any nat-to $int_if
pass on $ext_if from 10.0.0.0/8 to any

pass out on $ext_if proto tcp from any to any

pass in on $ext_if proto tcp from any to any port $ports_rothbard rdr-to $rothbard
pass in on $ext_if proto tcp from any to any port $ports_smass rdr-to $smass

antispoof quick for { lo $int_if }

pass in on egress inet proto tcp from any to (egress) \
        port $etcp_services
pass in on egress inet proto tcp from any to $baal port $itcp_services

pass in inet proto icmp all icmp-type $icmp_types
# sysctl net.inet.ip.forwarding         
net.inet.ip.forwarding=1

I can SSH to the box and access ports I've allowed but packets are not forwarded through.

---------- Post updated at 06:03 PM ---------- Previous update was at 12:12 PM ----------

Nevermind fixed it myself

New pf.conf...

# cat /etc/pf.conf                                                              
int_if="xl0"                                                                    
ext_if="pppoe0"                                                                 
wan_if="fxp0"                                                                   
                                                                                
thenetwrk="10.0.0.0/8"                                                          
rothbard="10.0.0.10"                                                            
baal="10.0.0.2"                                                                 
smass="10.0.0.1"                                                                
                                                                                
etcp_services="{22}"                                                            
itcp_services="{22,53}"                                                         
icmp_types="echoreq"                                                            
                                                                                
ports_rothbard="{17000,17001,17002,17003,17004,17005,2322}"                     
ports_smass="{17100,17101,17102,17103,17104,17105,2222}"                        
                                                                                
set block-policy return                                                         
set loginterface $ext_if                                                        
set skip on lo                                                                  
set skip on $wan_if                                                             
                                                                                
anchor "ftp-proxy/*"                                                            
                                                                                
pass in quick on $int_if inet proto tcp to any port ftp \                       
    divert-to 127.0.0.1 port 8021                                               
                                                                                
pass out on $ext_if from $int_if:network to any nat-to ($ext_if)                
                                                                                
pass in on $int_if from 10.0.0.0/8 to any                                       
                                                                                
pass out on $int_if from any to any                                             
                                                                                
pass in on $ext_if proto tcp from any to any port $ports_rothbard rdr-to $rothba
rd                                                                              
pass in on $ext_if proto tcp from any to any port $ports_smass rdr-to $smass    
                                                                                
antispoof quick for { lo $int_if }                                              
                                                                                
pass in on $ext_if inet proto tcp from any to (egress) \                        
        port $etcp_services                                                     
pass in on $int_if inet proto tcp from any to $baal port $itcp_services         
                                                                                
pass in inet proto icmp all icmp-type $icmp_types