I have a few simple rules, each using a display as listed below,
i.e. group 1 on display 0
group 2 on display 2
group 3 on display 3 (machine level)
Messages matching the last rule (x.x.x.249) appear in both display 2 and display 3; I can't seem to stop them appearing in display 2.
Any ideas?
RuleCount=6
R001-RuleName=Default
R001-RuleInfo=00021
R001-A001-L01=03011
R001-A001-L02=Display
R001-A001-L03=0
R001-A002-L01=11021
R001-A002-L02=Log to file
R001-A002-L03=e:\Syslog\Firewall\%DateISO%SyslogFirewall.txt
R001-A002-L04=5
R001-A002-L05=0
R001-A002-L06=12
R001-A002-L07=100
R001-A002-L08=2
R001-A002-L09=1
R001-A002-L10=2
R001-A002-L11=0
R002-RuleName=Log to Syslog Web Access
R002-RuleInfo=00011
R002-A001-L01=05151
R002-A001-L02=Log to Syslog Web Access
R002-A001-L03=Provider=Microsoft.SQLSERVER.CE.OLEDB.3.5; Data Source=F:\Kiwisyslog\Kiwi Syslog Web Access\html\App_Data\Event.sdf; SSCE:Max Database Size=4091; SSCE:AutoShrink Threshold=5;
R002-A001-L04=KiwiSyslogEvent
R002-A001-L05=600
R003-RuleName=Log switches core to disp
R003-RuleInfo=01021
R003-F001-L01=030102000010001
R003-F001-L02=New Filter
R003-F001-L03=<QUOTE>x.x.x.103<QUOTE> or <QUOTE>z.z.z.47<QUOTE> or <QUOTE>z.z.z.48<QUOTE> or <QUOTE>z.z.z.2<QUOTE> or <QUOTE>z.z.z..4<QUOTE> or <QUOTE>z.z.z..49<QUOTE> or <QUOTE>x.x.x.2<QUOTE> or <QUOTE>x.x.x.3<QUOTE> or <QUOTE>x.x.x.4<QUOTE> or <QUOTE>x.x.x.5<QUOTE> or <QUOTE>x.x.x.6<QUOTE> or <QUOTE>x.x.x.2<QUOTE>
R003-A001-L01=11021
R003-A001-L02=New Action
R003-A001-L03=e:\Syslog\switches\%DateISO%SyslogswitchCatchAll.txt
R003-A001-L04=5
R003-A001-L05=0
R003-A001-L06=12
R003-A001-L07=100
R003-A001-L08=2
R003-A001-L09=1
R003-A001-L10=2
R003-A001-L11=0
R003-A002-L01=03011
R003-A002-L02=New Action
R003-A002-L03=2
R004-RuleName=Critical alert Email
R004-RuleInfo=01010
R004-F001-L01=030601000000000
R004-F001-L02=Critical Alert
R004-F001-L03=000000000000000000000000000000000600060000000000
R004-A001-L01=12060
R004-A001-L02=email Action
R004-A001-L03=helpdesk@xxxxx.local,sysadminemail@xxxxx.local
R004-A001-L04=Syslog message from %MsgHost
R004-A001-L05=viewpointsyslog@xxxxx.local
R004-A001-L06=%MsgAll%MsgText
R004-A001-L07=200
R004-A001-L08=65535
R004-A001-L09=0
R004-A001-L10=1
R004-A001-L11=2
R004-A001-L12=0
R005-RuleName=Info Email
R005-RuleInfo=01010
R005-F001-L01=030601000000000
R005-F001-L02=error warn Filter
R005-F001-L03=000000000000000000000000000000001800180000000000
R005-A001-L01=12060
R005-A001-L02=email Action
R005-A001-L03=sysadminemail@xxxxx.local
R005-A001-L04=Syslog message from %MsgHost
R005-A001-L05=viewpointsyslog@xxxxx.local
R005-A001-L06=%MsgAll%MsgText
R005-A001-L07=200
R005-A001-L08=65535
R005-A001-L09=0
R005-A001-L10=2
R005-A001-L11=0
R005-A001-L12=0
R006-RuleName=emergency email
R006-RuleInfo=01011
R006-F001-L01=030601000000001
R006-F001-L02=emergency Filter
R006-F001-L03=000000000000000000000000000000000100010000000000
R006-A001-L01=12061
R006-A001-L02=email Action
R006-A001-L03=helpdesk@xxxxx.local,sysadminemail@xxxxx.local
R006-A001-L04=Syslog message from %MsgHost
R006-A001-L05=viewpointsyslog@xxxxx.local
R006-A001-L06=%MsgAll%MsgText
R006-A001-L07=200
R008-A001-L08=65535
R008-A001-L09=0
R008-A001-L10=1
R008-A001-L11=2
R008-A001-L12=0
R009-RuleName=Symantec vserver2
R009-RuleInfo=01031
R009-F001-L01=030103000010001
R009-F001-L02=New Filter
R009-F001-L03=<QUOTE>xxxxx.87<QUOTE>
R009-A001-L01=11021
R009-A001-L02=New Action
R009-A001-L03=e:\Syslog\symantec\%DateISO%SyslogsymantecCatchAll.txt
R009-A001-L04=5
R009-A001-L05=0
R009-A001-L06=12
R009-A001-L07=100
R009-A001-L08=2
R009-A001-L09=1
R009-A001-L10=2
R009-A001-L11=0
R009-A002-L01=03011
R009-A002-L02=New Action
R009-A002-L03=6
R009-A003-L01=11030
R009-A003-L02=New Action
R009-A003-L03=xxxxx.103
R009-A003-L04=24
R009-A003-L05=8
R009-A003-L06=514
R009-A003-L07=0
R009-A003-L08=0100
R009-A003-L09=<NONE>
R009-A003-L10=Connection1
R009-A003-L11=0
R010-RuleName=servers
R010-RuleInfo=01021
R010-F001-L01=030102000010001
R010-F001-L02=from server
R010-F001-L03=<QUOTE>xxxxx.249<QUOTE>
R010-A001-L01=11021
R010-A001-L02=Log files
R010-A001-L03=F:\Kiwisyslog\Syslog\Logs\Servers\SyslogServersAll
R010-A001-L04=5
R010-A001-L05=0
R010-A001-L06=12
R010-A001-L07=100
R010-A001-L08=2
R010-A001-L09=1
R010-A001-L10=2
R010-A001-L11=0
R010-A002-L01=03011
R010-A002-L02=Display
R010-A002-L03=3
[Scripting]