
Develope

macrumors newbie
Original poster
Sep 13, 2014
5
0
I've been able to deny all connections to external networks unless my OpenVPN connection is active using pf.conf

At the end of etc/pf.conf I add:

#
# Allow connection via Viscosity only
#
wifi=en1 #change this to en0 on MacBook Airs and other Macs without ethernet ports
vpn=tun0
vpn2=tap0

block all

set skip on lo # allow local traffic

pass on p2p0 #allow AirDrop
pass on p2p1 #allow AirDrop
pass on p2p2 #allow AirDrop
pass quick proto tcp to any port 631 #allow AirPrint

pass on $wifi proto udp # allow only UDP packets over unprotected Wi-Fi
pass on $vpn # allow everything else through the VPN (tun interface)
pass on $vpn2 # allow everything else through the VPN (tap interface)


Then I enable the packet filter service with sudo pfctl -e and load the new rules with sudo pfctl -f /etc/pf.conf

Works great, BUT I can't connect to the internet via VPN.
I don't have any connection to the internet :(
My OS - Mac OS X 10.9.4

P.S. I think the problem is in the last 2:

pass on $vpn # allow everything else through the VPN (tun interface)
pass on $vpn2 # allow everything else through the VPN (tap interface)

Because
pass on $wifi proto udp # allow only UDP packets over unprotected Wi-Fi


It works great, the clock updates its time automatically

Who can help me with that?
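
An added example, not part of the original post: a small Python model of how pf evaluates the filter rules quoted above (last matching rule wins, `quick` stops evaluation), run over constructed sample packets to show what the ruleset passes on each interface. It assumes the macros as posted (`en1`, `tun0`, `tap0`), matches interface names exactly, and does not model `set skip`, direction, addresses or state; `evaluate`, `RULES` and `SAMPLES` are names made up for this sketch.

```python
# Model of pf filter-rule evaluation for the ruleset quoted in the post.
# Only interface, protocol, destination port and `quick` are modelled.

# (action, quick, interface or None, protocol or None, dst port or None)
RULES = [
    ("block", False, None,   None,  None),  # block all
    ("pass",  False, "p2p0", None,  None),  # pass on p2p0
    ("pass",  False, "p2p1", None,  None),  # pass on p2p1
    ("pass",  False, "p2p2", None,  None),  # pass on p2p2
    ("pass",  True,  None,   "tcp", 631),   # pass quick proto tcp to any port 631
    ("pass",  False, "en1",  "udp", None),  # pass on $wifi proto udp
    ("pass",  False, "tun0", None,  None),  # pass on $vpn
    ("pass",  False, "tap0", None,  None),  # pass on $vpn2
]

def evaluate(iface, proto, dport):
    """Return 'pass' or 'block' for one packet under the rules above."""
    verdict = "pass"  # pf passes a packet that matches no rule at all
    for action, quick, r_if, r_proto, r_port in RULES:
        if r_if not in (None, iface):
            continue
        if r_proto not in (None, proto):
            continue
        if r_port not in (None, dport):
            continue
        verdict = action  # a later match overrides an earlier one
        if quick:
            break         # `quick` makes this match final
    return verdict

# Constructed sample packets: (interface, protocol, destination port).
SAMPLES = [
    ("en1", "udp", 1194),  # UDP on Wi-Fi
    ("en1", "udp", 123),   # NTP on Wi-Fi
    ("en1", "tcp", 443),   # TCP on Wi-Fi
    ("en1", "tcp", 631),   # the port-631 rule has no `on`, so it applies here too
    ("tun0", "tcp", 443),  # traffic on the tun interface named in the macro
    ("tun1", "tcp", 443),  # a tunnel interface with another unit number
]

def report():
    """Map each sample packet to its verdict."""
    return {pkt: evaluate(*pkt) for pkt in SAMPLES}

if __name__ == "__main__":
    for pkt, verdict in report().items():
        print(pkt, "->", verdict)
```

Comparing the interface names in this output with what `ifconfig` lists while the VPN is connected shows whether the tunnel traffic actually lands on a rule that passes it.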
 