Hrm, my config has a "traffic-class filter access-list xxxx" where the ACL deny's ip any any. Then my lists are defined. Maybe that's why it's picking up unintended traffic.
I reviewed many sample configs in Cisco Config Guide, but none of them had "filter" on their command lists. and another issue; do u have any idea about prefix-lengths which was learned? as I entered "aggregation-type prefix-length" command about each learn list, the prefixes was learned must be in the form of /32 and /16. but all of the learned prefixes have /24, as determined by default. !?
I put a sample config taken from Cisco PfR Config guide here:ip access-list extended USER_DEFINED_TC
permit tcp any any 500
permit tcp any any range 700 750
permit udp any eq 400 any
permit ip any any dscp ef
list seq 10 refname CUSTOM_APPLICATION_TC
traffic-class access-list USER_DEFINED_TC
aggregation-type prefix-length 24
pfr-map POLICY_CUSTOM_APP 10
match learn list CUSTOM_APPLICATION_TC