The OpenBSD packet filter (PF) received several enhancements in OpenBSD 3.7. One of the coolest things is the ability to tell PF not to filter traffic on specific interfaces, such as the loopback interface. This behavior is defined in the pf.conf configuration file with the “set skip on” statement:
set skip on lo0
Prior to the “set skip on” option you had to explicilty allow traffic to flow with the following pass statements:
pass in quick on lo0 all
pass out quick on lo0 all
This of course assumes a default policy of “block everything not explicilty allowed,” which all firewalls SHOULD be using.