Sorry, I was actually in the process of taking the 'flags S/SA' part out, but hadn't done so completely. It was foolish of me to start to remove the flags clause. For some reason the packets which I want to match this rule are being processed somewhere else, and when I run 'pfctl -vvs rules', it shows that the expanded rule pertaining to port 80 is evaluated, but rarely. The 20 (which probably will never match) and 21 are not ever evaluated. From what I understand, the most specific rule pertaining to a packet wins. Is this a misunderstanding? Is one of my quick rules taking precedence? Would anyone like to see the output from pfctl? Please help, I'm losing perspective here.
-jesse
