Since you will be using 3.3, consider anchor rules and tables instead they provide a much better interface to rule/address modifications check the sources for spamd, authpf and pfctl for implementation details.
I will have to read about anchor rules (new to me..), but tables are for address only? I need to insert complete rules into pf, and I have to make sure they are evaluated last (i.e. to be sure, they really "fire").
- Marc
