> What's different between the time that pfctl is called right after > /etc/netstart (which apparently is failing to load the rules), and > pfctl is called by me when I've finally logged in? And unfortunately, > this is a remote box, so I can't watch the console. :(
do you have hostnames in your pf.conf?
