I have made some progress on achieving my goal of forcing no-leak Tor access to the internet using the pfSense firewall. It's not quite as thorough a solution as I wanted, but it's still useful because it does the job of isolating my entire network from the internet and only allowing connections via Tor. In the process of setting this up, I've discovered several leaks I was not aware of, and some of them were even bypassing the VPN somehow. It's been a learning experience overall, and I think I have a workable version of a simple solution, just like I wanted, thanks to pfSense. Here's what I have done in detail, in case someone wanting to make Tor safer with pfSense finds this discussion:

1. Configure Tor to use a Tor bridge: Vidalia -> Settings -> Network -> Bridge Settings. This makes it possible for the pfSense firewall to allow connections only to the Tor bridge IP address and block all other connection attempts. Adding several different Tor bridges will ensure you have connectivity if one of them goes down. Using 3 different Tor bridge IPs is recommended, but only 1 is necessary to try this out. It is much easier to find mistakes if you start with only 1 Tor bridge. More can always be added later.

The format given by the official Tor bridge service (search the web for "Tor bridge") is intended for direct addition to the "torrc" config file. Remove the word "Bridge" and add each IP and port pair one line at a time in Vidalia. That is not explained anywhere that I could find, which is strange because Vidalia is supposed to make this easy.

2. pfSense Firewall -> Rules -> LAN: Click the green icon to disable the "Default allow LAN to any rule". The rule is usually at the bottom of the rules list. That disables all communication to the internet. Don't delete it, because you might want to re-enable it in the future (it is easy to re-add it if you delete it). Next, we allow only Tor to communicate with the internet.

3. pfSense Firewall -> Rules -> LAN -> add new rule (click the + sign): Allow the Tor bridge IPs, and make sure the "Anti-Lockout Rule" is at the top of the rules list and the "Default allow LAN to any rule" is at the bottom of the list (and disabled).

Action: Pass
Disabled: unchecked
Interface: LAN
Protocol: TCP
Source: not: unchecked
Source: Type: any
Destination: not: unchecked
Destination: Type: Single host or alias
Destination: Address: Enter the Tor bridge IP address here
Destination port range: from: Enter the Tor bridge port here (usually 443)
Destination port range: to: Enter the Tor bridge port here (usually 443)
Log: checked
Description: Allow Tor bridge

4. pfSense Firewall -> Rules -> LAN: A prompt will appear above the list of firewall rules asking you to apply your changes. Click "Apply".

5. pfSense Diagnostics -> States -> Reset States: Existing connections will not be stopped when you change firewall rules, so you must close those connections before you can see the results of your firewall changes. Click the "Reset" button, then you can immediately reload the Reset States page manually. Because the connection was disrupted by clicking the reset button, the page will not be able to load on its own. When it loads, the reset is done (almost instantaneously).

6. Edit your Tor torrc configuration file, and add "DNSPort 53" on a new line at the bottom, without quotes, then save the file and restart Tor. The built-in torrc editor in Vidalia did not work for me, so I only used Vidalia to find the path to the torrc file, and then I edited it with a regular text editor. You can find the path in Vidalia -> Settings -> Advanced -> Tor Configuration File. On Windows, it might look like "C:\Users\Somebody\AppData\Local\Vidalia\torrc". To use the built-in torrc editor, click the button that says "Edit current torrc".

7. Configure your OS's DNS settings to use 127.0.0.1 as the primary DNS. If you are forced to enter a secondary DNS, you can enter 127.0.0.2 (it doesn't work and it doesn't do anything).

8. Test your setup just to verify that you have internet access. Use a safe computer on a safe connection so that it's OK if something goes wrong and your IP address leaks out.

9. In pfSense, check the firewall logs in Status -> System Logs -> Firewall. You should see a lot of stuff getting blocked, and only a few things passing through. Make sure the things passing through are supposed to be passing through, and also that traffic is ONLY passing through to the Tor bridge IPs. If there is a problem, you will see it in the firewall log. Check the log frequently to be sure everything except Tor is being blocked. pfSense is good at that, so there's not much to worry about.
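The check in step 9 (only bridge IPs should ever show up as "pass") can be automated, and the same script derives the allow-list from the torrc Bridge lines of step 1 so the firewall rule in step 3 and the bridge list stay in sync. This is an added example, not code from the original post and not part of pfSense or Tor. It assumes the torrc uses "Bridge <ip>:<port> [fingerprint]" lines (the format the bridge service hands out), and that the log lines are in pfSense's filterlog CSV layout for IPv4 (action in field 6, protocol name in field 16, source/destination address in fields 18/19, destination port in field 21); the IDX_* constants are the place to adjust if an exported log differs. The torrc and log lines in the block are constructed sample data using documentation address ranges, not real bridges. The optional firewall_hosts set is there for the Anti-Lockout Rule from step 3: traffic to pfSense's own LAN address is expected and should not be reported as a leak.

```python
"""Audit pfSense firewall log lines against the Tor bridge allow-list.

Added example (not code from the original post or from pfSense/Tor). Assumptions:
  * the torrc carries "Bridge <ip>:<port> [fingerprint]" lines;
  * log lines use pfSense's filterlog CSV layout for IPv4, where field 6 is the action,
    field 16 the protocol name, fields 18/19 the source/destination address and
    field 21 the destination port (adjust the IDX_* constants if your export differs);
  * SAMPLE_TORRC and SAMPLE_LOG below are constructed for the demo (documentation
    address ranges, not real bridges).
"""
import re
from typing import Dict, Iterable, List, Set, Tuple

SAMPLE_TORRC = """\
UseBridges 1
Bridge 198.51.100.10:443 0123456789ABCDEF0123456789ABCDEF01234567
Bridge 203.0.113.25:443
DNSPort 53
"""

SAMPLE_LOG = [
    # pass to the first bridge on 443: what the "Allow Tor bridge" rule is meant to allow
    "5,,,1000000103,em1,match,pass,in,4,0x0,,64,1234,0,DF,6,tcp,60,192.168.1.10,198.51.100.10,51234,443,0,S,1,,65535,,mss",
    # block: a direct HTTPS attempt to some other host, stopped because the default allow rule is disabled
    "7,,,1000000105,em1,match,block,in,4,0x0,,64,1235,0,DF,6,tcp,60,192.168.1.10,93.184.216.34,51235,443,0,S,1,,65535,,mss",
    # block: DNS to a public resolver, the leak that DNSPort 53 plus a 127.0.0.1 resolver avoids
    "7,,,1000000105,em1,match,block,in,4,0x0,,64,1236,0,none,17,udp,70,192.168.1.10,8.8.8.8,53300,53,50",
    # pass to a host that is NOT a configured bridge: the misconfiguration the audit must flag
    "5,,,1000000103,em1,match,pass,in,4,0x0,,64,1237,0,DF,6,tcp,60,192.168.1.10,198.51.100.99,51236,443,0,S,1,,65535,,mss",
]

BRIDGE_RE = re.compile(r"^\s*Bridge\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b", re.IGNORECASE)
# Field positions in the filterlog CSV (assumed layout, see module docstring).
IDX_ACTION, IDX_PROTO, IDX_SRC, IDX_DST, IDX_DPORT = 6, 16, 18, 19, 21


def bridge_endpoints(torrc_text: str) -> Set[Tuple[str, int]]:
    """Collect (ip, port) pairs from Bridge lines: the only destinations LAN hosts may reach."""
    found = set()
    for line in torrc_text.splitlines():
        m = BRIDGE_RE.match(line)
        if m:
            found.add((m.group(1), int(m.group(2))))
    return found


def vidalia_entries(torrc_text: str) -> List[str]:
    """The 'ip:port' form to paste into Vidalia's bridge list, with the 'Bridge' keyword stripped."""
    return sorted(f"{ip}:{port}" for ip, port in bridge_endpoints(torrc_text))


def parse_filterlog(line: str) -> Dict[str, object]:
    """Pull action, protocol, addresses and destination port out of one filterlog line."""
    f = line.split(",")
    if len(f) <= IDX_DST:
        raise ValueError(f"unexpected filterlog layout: {line!r}")
    proto = f[IDX_PROTO].lower()
    dport = int(f[IDX_DPORT]) if proto in ("tcp", "udp") and len(f) > IDX_DPORT else None
    return {"action": f[IDX_ACTION], "proto": proto, "src": f[IDX_SRC], "dst": f[IDX_DST], "dport": dport}


def audit(log_lines: Iterable[str], allowed: Set[Tuple[str, int]],
          firewall_hosts: Set[str] = frozenset()) -> Tuple[list, list, list]:
    """Sort entries into (passed to a bridge, passed elsewhere = violation, blocked).

    firewall_hosts lists pfSense's own LAN address(es) so Anti-Lockout traffic to the
    web GUI is not reported as a leak.
    """
    ok, violations, blocked = [], [], []
    for line in log_lines:
        e = parse_filterlog(line)
        if e["action"] != "pass":
            blocked.append(e)
        elif e["dst"] in firewall_hosts or (e["proto"] == "tcp" and (e["dst"], e["dport"]) in allowed):
            ok.append(e)
        else:
            violations.append(e)
    return ok, violations, blocked


def report(torrc_text: str, log_lines: Iterable[str],
           firewall_hosts: Set[str] = frozenset()) -> Dict[str, object]:
    """Summarise one audit run: configured bridges, counts, and any pass entries that are leaks."""
    allowed = bridge_endpoints(torrc_text)
    ok, violations, blocked = audit(log_lines, allowed, firewall_hosts)
    return {
        "bridges": sorted(allowed),
        "passed_to_bridge": len(ok),
        "blocked": len(blocked),
        "leaks": [f'{e["src"]} -> {e["dst"]}:{e["dport"]} ({e["proto"]})' for e in violations],
    }


if __name__ == "__main__":
    print("Vidalia bridge entries:", vidalia_entries(SAMPLE_TORRC))
    for key, value in report(SAMPLE_TORRC, SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Run it against a real export by replacing SAMPLE_TORRC with the torrc contents and SAMPLE_LOG with the lines from Status -> System Logs -> Firewall; anything listed under "leaks" is a pass entry to something other than a bridge and means a rule needs attention. Note that only TCP to a bridge endpoint counts as expected, so a UDP pass to a bridge address would also be reported, which is the conservative choice for this setup.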

10. Turn on Flash, JavaScript, and all the nasty little backdoors that Tor users fear, and use the "full anonymity test" for your web browser at http://ip-check.info/?lang=en. In every test I have run, only VPN and Tor exits have been detectable, which is exactly the way it's supposed to be!

Because pfSense is blocking EVERYTHING except Tor, there is no way for any PC on your network to learn what IP it is using to access the internet. Because every bit of data leaving and entering your PC and your LAN must pass through Tor, there is no way anyone else can learn what your true IP is either. I set up my pfSense system with 2 separate ethernet ports, so there is physical isolation between the LAN and the WAN.

I'm sure this setup isn't 100% bulletproof, but as far as I can tell, as long as pfSense doesn't get hacked, it would be OK for any PC on my network to get hacked, and the hacker would not be able to learn my IP address (and location). Because I'm not using Tor Browser, my activities online are still trackable with cookies, JavaScript, browser profiling, etc. Although no one knows my name and where I live if I don't tell them, the ability to track my internet usage means that, in the strictest sense, I'm not using the internet anonymously.

If I wanted to be completely anonymous AND untrackable, I would have to switch to using Tor Browser, or even better, Whonix. I may do that when my tasks require that much protection, but for most things most of the time, I don't care if people know which websites I'm visiting. In my case, that information isn't a problem for me. It might be for you.

To have a full-featured internet experience (with Flash, JavaScript, etc) combined with the ability to conceal my location, is good enough for me 99% of the time. I can always switch to Whonix or Tor Browser if I need more privacy than that. The pfSense firewall will still do its job of blocking everything that's not Tor, if something goes wrong with Tor Browser or Whonix. I see that surprise bugs have been found in Tor Browser before, and pfSense would have prevented the bug from doing any damage. Here's more info about one of those bugs:

https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-tbbs

I'm sure my setup can be improved. I've noticed that sometimes my PC tells me I've got no internet access when I actually do. That's probably because pfSense is blocking DHCP. As long as stuff keeps working, then the more the merrier :)