diff --git a/sys/netpfil/pf/if_pflog.c b/sys/netpfil/pf/if_pflog.c
--- a/sys/netpfil/pf/if_pflog.c
+++ b/sys/netpfil/pf/if_pflog.c
@@ -231,7 +231,9 @@
 	bzero(&hdr, sizeof(hdr));
 	hdr.length = PFLOG_REAL_HDRLEN;
 	hdr.af = af;
-	hdr.action = rm->action;
+	/* Default rule does not pass packets dropped for other reasons. */
+	hdr.action = (rm->nr == (u_int32_t)-1 && reason != PFRES_MATCH) ?
+	    PF_DROP : rm->action;
 	hdr.reason = reason;
 	memcpy(hdr.ifname, kif->pfik_name, sizeof(hdr.ifname));