pflog interface is not a "real" interface, there's no point in putting an IP address on it
I'm not sure if tcpdump knows exactly that it's a pflog interface but tcpdump knows how to decode the wire format which traverses the pflog interface.
It's a bit of a weird thing, using a network device for logging information like this, but it works.
pflog interface is not a "real" interface, there's no point in putting an IP address on it