One thing I always loved about OpenBSD was its packet filter pf which is set up easily and fast and just works. However there are times I forget completely it is there. In this case I wanted to connect a Windows machine to my LAN but it did not get any tcp connection. ICMP worked fine though. Since this windows has been run in Parallels I fiddled with those settings with no result.
Then I remembered this:
#this fixes the neighbours issue block drop out quick log on $ext_if from any os "Windows" block drop in quick log on $wlan_if from any os "Windows"
I put this in to keep my neighbour's son from using my WLAN for his Edonkey traffic. It has been there for years.
Next time think about pf first.