FreeBSD 12.1

# pkg update
# pkg install openvpn screen bash tinyproxy tor curl

pf.conf:

int="hn0"
tun="tun0"

tcp_state="flags S/SAFR modulate state"
udp_state="keep state"
icmp_types="icmp-type echoreq"

set block-policy drop

# timeout options
set optimization normal
set timeout { tcp.established 360, tcp.closing 60 }
set skip on lo0

nat on $tun from $int:network to any -> ($tun:0)
#rdr on $int proto { tcp udp } from $int:network to ! $int:0 port 53 -> $int:0

block in log all
pass out all keep state

#antispoof log quick for $int inet
#antispoof log quick for $tun inet

#match out on $ext from $tun:network to any nat-to $ext:0

pass in on $int from $int:network
pass in on $int inet proto tcp from any to $int:0 port 22 $tcp_state
#pass in on $tun from any to any
#pass from $tun:network to any keep state

rc.conf:

ifconfig_hn0="inet 10.0.5.5 netmask 255.255.255.0" 
defaultrouter="10.0.5.1"

hostname="vpn"

sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="NO"

gateway_enable="YES"
pf_enable="YES"
pf_conf="/etc/pf.conf"
pflog_enable="YES"

sendmail_enable="NO"
sendmail_msp_queue_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"

tinyproxy_enable="NO"
tinyproxy_enable=""

tor_enable="NO"

Restart network:

# /etc/netstart

Activate pf, if disabled:

# shutdown -r now