Subject: Re: pflog on NetBSD
To: Michael-John Turner <mj@turner.org.za>
From: Brian A. Seklecki <lavalamp@spiritual-machines.org>
List: netbsd-users
Date: 09/22/2006 07:35:15
Found it. NetBSD defaults to snaplen of 69. OpenBSD defaults to 96.
96 is required to see all of the pflog details:
     -s     Snarf snaplen bytes of data from each packet rather than the
            default of 68 (with SunOS's NIT, the minimum is actually 96).
            68 bytes is adequate for IP, ICMP, TCP and UDP but may truncate
            protocol information from name server and NFS packets (see
            below).

     -s snaplen
            Analyze at most the first snaplen bytes of data from each packet
            rather than the default of 96. 96 bytes is adequate for IP,
            ICMP, TCP, and UDP, but may truncate protocol information from
            name server and NFS packets (see below). Packets truncated
            because of a limited snaplen are indicated in the output with
            ``[|proto]'', where proto is the name of the protocol level at
            which the truncation has occurred.
On Fri, 2006-09-22 at 03:45, Michael-John Turner wrote:
> On Thu, Sep 21, 2006 at 06:25:40PM -0400, Brian A. Seklecki wrote:
> > Interesting. I was entertaining the idea that it may be a configuration
> > issue. Your pf.conf(5) has a 'block log all' near the beginning?
>
> Yep, it does. I have the following
> set loginterface $ext_if
> ...
> block log all
>
> Where $ext_if is my external interface (in the log sample I pasted,
> pppoe0). I was running tcpdump with the same options as you, BTW.
>
> > There is an issue of an "old pflog format" v.s. the current one, but I
> > think we can rule that out.
>
> I'm guessing so. My feeling is that it's possibly related to lkm vs.
> compiled in (my pf support is compiled in), but that's a wild hunch.
>
> -mj
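A quick way to tell whether an existing capture file was written with a snaplen too small for pflog, as an added example that is not part of this thread and not code from NetBSD or tcpdump: it reads the 24-byte pcap global header (magic, version, thiszone, sigfigs, snaplen, linktype) and flags pflog captures whose snaplen is below 96. The value 117 for DLT_PFLOG is libpcap's link-type number; the 96-byte minimum is taken from the thread above, and the sample headers are constructed inline rather than captured.

```python
"""Check a pcap file's snaplen against what pflog output needs.

Added example for the pflog/snaplen discussion; constructed inputs only.
"""
import struct
import sys

DLT_PFLOG = 117          # libpcap link-type value for pflog(4) captures
PFLOG_MIN_SNAPLEN = 96   # assumption taken from the thread: 96 bytes shows full pflog details

# pcap magic read as little-endian uint32 -> struct byte-order prefix of the file
PCAP_MAGIC = {
    0xA1B2C3D4: "<", 0xD4C3B2A1: ">",   # microsecond-timestamp files
    0xA1B23C4D: "<", 0x4DB23CA1: ">",   # nanosecond-timestamp files
}


def parse_pcap_header(data):
    """Parse the 24-byte pcap global header into a dict."""
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    (magic,) = struct.unpack("<I", data[:4])
    if magic not in PCAP_MAGIC:
        raise ValueError("not a pcap file (magic 0x%08x)" % magic)
    endian = PCAP_MAGIC[magic]
    # version_major, version_minor, thiszone, sigfigs, snaplen, linktype
    major, minor, thiszone, sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    return {"endian": endian, "version": (major, minor),
            "snaplen": snaplen, "linktype": linktype}


def check_pflog_snaplen(data):
    """Return (ok, message); ok is False when pflog details may be cut off."""
    hdr = parse_pcap_header(data)
    if hdr["linktype"] != DLT_PFLOG:
        return True, "linktype %d is not pflog; no snaplen rule applied" % hdr["linktype"]
    if hdr["snaplen"] < PFLOG_MIN_SNAPLEN:
        return False, ("snaplen %d < %d: pflog details may be truncated, "
                       "expect [|proto] in tcpdump output"
                       % (hdr["snaplen"], PFLOG_MIN_SNAPLEN))
    return True, "snaplen %d is sufficient for pflog" % hdr["snaplen"]


def make_pcap_header(snaplen, linktype, endian="<"):
    """Build a constructed pcap global header (pcap 2.4, no payload records)."""
    return struct.pack(endian + "IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)


# Constructed samples: a capture written with the 68-byte default from the
# NetBSD man page quoted above, and one with the 96-byte OpenBSD default.
SAMPLE_SNAPLEN_68 = make_pcap_header(68, DLT_PFLOG)
SAMPLE_SNAPLEN_96 = make_pcap_header(96, DLT_PFLOG, ">")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            data = f.read(24)
    else:
        data = SAMPLE_SNAPLEN_68
    ok, msg = check_pflog_snaplen(data)
    print(("OK: " if ok else "WARNING: ") + msg)
```

Run it against a file saved with `tcpdump -w` to see whether the capture was taken with a large enough snaplen; on the constructed 68-byte sample it warns, on the 96-byte sample it does not.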