The title is self-explanatory.
I want to create rules in pf running on OpenBSD 4.9 for a particular MAC address, something like
pass in on eth0 from mac 00:04:34:5f:34:33 to mac 34:32:34:06:5e:22
I have read this, but it doesn't help!!
I am in a situation where I require WAN access to be opened up to the WebConfigurator through pfSense because I do not have another node connected to the same network to access WebConfigurator from the inside. Ideally I would like to just do this in shell and either directly modify pf's config to "allow all" just long enough for me to open up WAN access to WebConfigurator from my IP, or modify config.xml to add that rule manually. Does anybody have any insight into how to accomplish this?
I have a few dozen servers behind an OpenBSD firewall with port forwarding. Most rules are very similar and differ only in IPs or sometimes in ports forwarded, so I want to compact them to remove excessive repetition, but I've found that it is impossible to use tables with rdr-to rules. Is there any way to improve this configuration? Maybe there is an option to use pf macros to generate multiple rules at once? I can't use an external preprocessor at the moment.
Example set of rules:
pass in on $extif proto tcp from any to 10.0.0.213 port {25,80,443} rdr-to 172.16.1.193
pass in on $intif proto tcp from $intnet to 10.0.0.213 port {25,80,443} rdr-to 172.16.1.193
pass out on $intif proto tcp from any to 172.16.1.193 port {25,80,443} received-on $intif nat-to $intif
pass in on $extif proto tcp from any to 10.0.0.214 port {25,80,443} rdr-to 172.16.1.194
pass in on $intif proto tcp from $intnet to 10.0.0.214 port {25,80,443} rdr-to 172.16.1.194
pass out on $intif proto tcp from any to 172.16.1.194 port {25,80,443} received-on $intif nat-to $intif
pass in on $extif proto tcp from any to 10.0.0.215 port {25,80,443,3389} rdr-to 172.16.1.195
pass in on $intif proto tcp from $intnet to 10.0.0.215 port {25,80,443,3389} rdr-to 172.16.1.195
pass out on $intif proto tcp from any to 172.16.1.195 port {25,80,443,3389} received-on $intif nat-to $intif
I recently purchased a server to run m0n0wall or pfSense but I've learned since then that both of these firewall products are based on versions of FreeBSD which weren't yet compatible with the NICs in my new server.
The SuperMicro server that I purchased has dual Intel 82574L Gigabit LAN NICs, and I'd like to find a way to install some sort of firewall on them which will ease firewall management via the use of a GUI.
I know I could simply use pf but since we'd like to have a GUI front end, what are our options? Do I need to return this server and find a vendor that sells older hardware which will be compatible or can I make this hardware work somehow?