pfSense

We can collect any issues we find with pf log output being different on FreeBSD 9 here, and the fallout.

First:
The rule number in the log file is showing up differently than it used to:

Jan 20 19:16:37 pfSense pf: 00:00:01.019773 rule 1..16777216/0(match): block in on ovpnc1: (tos 0x0, ttl 64, id 31861, offset 0, flags [none], proto ICMP (1), length 84)
Jan 20 19:16:37 pfSense pf:     10.0.97.1 > 192.168.18.1: ICMP echo request, id 60625, seq 9, length 64

I'm not sure what the 1..16777216/0 is supposed to indicate, but the rule that blocked that traffic was:

@64 block drop in quick on em0 reply-to (em0 192.168.197.2) inet proto icmp all label "USER_RULE: block ping" 
  [ Evaluations: 20        Packets: 1         Bytes: 60          States: 0     ]
  [ Inserted: uid 0 pid 63203 State Creations: 0     ]

(also not sure why block got a reply-to, but that's probably unrelated)