firewall: Clean up pf.conf template

firewall/templates/pf.conf.erb

@@ -1,12 +1,11 @@
 set block-policy return
 set skip on lo0
 
-match in all scrub (no-df)
+block in
-block in all
+pass out
-pass out all
 
-pass in quick inet proto icmp all
+pass in quick inet proto icmp
-pass in quick inet6 proto icmp6 all
+pass in quick inet6 proto icmp6
 
 <% @firewall_rules.each do |rule| -%>
 <%   rule = /(tcp|udp)\/([\d:]+)( .+)?/.match(rule) -%>