strage problem with nat

[Richard Weinberger <richard_(_at_)_nod_(_dot_)_at>]

hello!

now works openbsd on my box :)
but i have a problem with the pf and nat.
when i load my pf.conf i get this errors:
<qoute>
# pfctl -f /etc/pf.conf
/etc/pf.conf:18: Rules must be in order: options, normalization, translation, 
filter
/etc/pf.conf:20: Rules must be in order: options, normalization, translation, 
filter
/etc/pf.conf:21: Rules must be in order: options, normalization, translation, 
filter
/etc/pf.conf:22: Rules must be in order: options, normalization, translation, 
filter
/etc/pf.conf:23: Rules must be in order: options, normalization, translation, 
filter
/etc/pf.conf:24: Rules must be in order: options, normalization, translation, 
filter
pfctl: Syntax error in file: pf rules not loaded
</quote>

this is my pf.conf

<quote>
server="192.168.0.5"
ext_if="ne4"
int_if="ne3"
#ext_ip="194.118.54.6"
ext_ip="192.168.1.200"
#int_ip="{192.168.0.1,192.168.0.254}"
int_ip="{192.168.0.200,192.168.1.200}"
int_net="192.168.0.0/24"

pass in quick on $ext_if inet proto tcp from any to any port 21 keep state
pass in quick on $ext_if inet proto tcp from any to any port 25 keep state
pass in quick on $ext_if inet proto tcp from any to any port 80 keep state
pass in quick on $ext_if inet proto tcp from any to any port 110 keep state
pass in quick on $ext_if inet proto tcp from any to any port 443 keep state
pass out on $ext_if from any to any keep state
block in quick on $ext_if from any to any

nat on ne4 from 192.168.0.0/24 to any -> 192.168.1.200

rdr on $int_if proto tcp from any to $ext_if port 21 -> $server port 21
rdr on $int_if proto tcp from any to $ext_if port 25 -> $server port 25
rdr on $int_if proto tcp from any to $ext_if port 80 -> $server port 80
rdr on $int_if proto tcp from any to $ext_if port 80 -> $server port 110
rdr on $int_if proto tcp from any to $ext_if port 443 -> $server port 443
</quote>

i can't any error in line 18 to 24.

maybe you'll find a error.

thanx
richard weinberger