Subject: ipfilter and allowing all non-SYN TCP through
To: None <current-users@NetBSD.ORG>
From: None <explorer@flame.org>
List: current-users
Date: 02/21/1997 07:59:39

What would be the filter syntax to allow all TCP packets through
that do NOT have SYN set?

I tried:

    pass in quick proto tcp from any to any flags /S
    pass in quick proto tcp from any to any flags A/S

The one that seems to work for most is to use:

    pass in quick proto tcp from any to any flags A/SA

but I know that will not do what I want in some cases.

Is there no way to specify that a single flag has to be off but other
flags can be in any state?

I want to do this because I want to log all incoming connection requests
but ignore (pass) all data packets through as fast as possible.

--Michael
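
The three flag specs from the message above, checked against all 64 combinations of the six classic TCP flags. This is an added example, not part of the original post and not ipfilter's code; it assumes a `VALUE/MASK` spec matches when `(packet_flags & MASK) == VALUE`, and the helper names (`to_bits`, `parse_spec`, `matches`, `coverage`, `names`) are hypothetical.

```python
# Added illustration: models "flags VALUE/MASK" as (pkt & MASK) == VALUE.
# The matching model is an assumption, not taken from ipfilter source code.

FLAG_BITS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08, "A": 0x10, "U": 0x20}
ALL_FLAGS = 0x3F  # the six classic TCP flags


def to_bits(letters):
    """Convert a flag string such as 'SA' to its TCP flag bitmask."""
    bits = 0
    for ch in letters:
        bits |= FLAG_BITS[ch]
    return bits


def parse_spec(spec):
    """Split 'VALUE/MASK'; a missing mask is assumed to mean all six flags."""
    value, sep, mask = spec.partition("/")
    return to_bits(value), (to_bits(mask) if sep else ALL_FLAGS)


def matches(spec, pkt_flags):
    """True when the packet's flags satisfy the spec under the assumed model."""
    value, mask = parse_spec(spec)
    return (pkt_flags & mask) == value


def coverage(spec):
    """Return (non-SYN flag combos the spec misses, SYN combos it matches)."""
    missed, leaked = [], []
    for pkt in range(ALL_FLAGS + 1):
        has_syn = bool(pkt & FLAG_BITS["S"])
        hit = matches(spec, pkt)
        if not has_syn and not hit:
            missed.append(pkt)
        if has_syn and hit:
            leaked.append(pkt)
    return missed, leaked


def names(pkt):
    """Render a flag bitmask as letters, '-' for no flags set."""
    return "".join(k for k, v in FLAG_BITS.items() if pkt & v) or "-"


if __name__ == "__main__":
    for spec in ("/S", "A/S", "A/SA"):
        missed, leaked = coverage(spec)
        print(f"flags {spec:5} misses {len(missed):2} of 32 non-SYN combos, "
              f"matches {len(leaked)} SYN combos; first missed: "
              f"{[names(p) for p in missed[:4]]}")
```

Under this model, `A/SA` matches no packet with SYN set but also skips every non-SYN packet that lacks ACK, such as a bare RST.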