My first comment, or rather question, is in regard to your rules and the mention of PF. PF is the firewall for BSD and these look like rules for it. Are you running BSD or Linux? I am asking because you also mention IPTables, which is the firewall for Linux.
Second, please keep in mind that blocking port scans won't buy you much in terms of security. It is absolutely critical that you still protect any services that you are running.
With the above caveat in mind, there are a couple of techniques for blocking scans. Some techniques are designed to counter stealth scan techniques. Personally, I would use rate limiting and if too many connections are established in a short period of time, which indicates a potential scan, I would block their traffic for a period of time. This article has a pretty good discussion of this subject including why the stealth techniques fail against a standard nmap scan.
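
The rate-limit-then-block approach described in the answer above, modelled as an added example that is not part of the original post: a per-source sliding window over new connection attempts, with a timed block once the limit is exceeded. The class and function names, the thresholds and the sample events are all assumptions made for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10     # assumed look-back window
MAX_NEW_CONNS = 5       # assumed limit of new connections per window
BLOCK_SECONDS = 300     # assumed length of the temporary block


class ScanLimiter:
    """Per-source sliding-window rate limiter with a timed block (hypothetical helper)."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_NEW_CONNS, block=BLOCK_SECONDS):
        self.window, self.limit, self.block = window, limit, block
        self.recent = defaultdict(deque)   # src -> timestamps of recent new connections
        self.blocked_until = {}            # src -> time at which the block expires

    def allow(self, ts, src):
        """Return True if a new connection from src at time ts is accepted."""
        expiry = self.blocked_until.get(src)
        if expiry is not None:
            if ts < expiry:
                return False               # source is still blocked
            del self.blocked_until[src]    # block expired, start counting afresh
        q = self.recent[src]
        while q and ts - q[0] >= self.window:
            q.popleft()                    # forget attempts that left the window
        q.append(ts)
        if len(q) > self.limit:            # too many new connections in a short time
            self.blocked_until[src] = ts + self.block
            q.clear()
            return False
        return True


def replay(events, limiter=None):
    """Run (timestamp, source) events through a limiter and return the verdicts."""
    limiter = limiter or ScanLimiter()
    return [(ts, src, limiter.allow(ts, src)) for ts, src in events]


# Constructed sample events (documentation address ranges, timestamps in seconds).
SAMPLE_EVENTS = (
    [(t, "198.51.100.7") for t in range(0, 8)]          # 8 attempts in 8 seconds
    + [(0, "192.0.2.10"), (30, "192.0.2.10")]           # ordinary client
    + [(100, "198.51.100.7"), (400, "198.51.100.7")]    # during and after the block
)

if __name__ == "__main__":
    for ts, src, ok in replay(sorted(SAMPLE_EVENTS)):
        print(f"t={ts:>3}s {src:<13} {'ACCEPT' if ok else 'DROP'}")
```

The ordinary client is never affected, while the fast source is dropped from its sixth attempt until the block expires.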