Hi,
Just saw this behavior yesterday, iwas testing sep 11.x rules to sep 12.1...
You don't have to recreate rules in 12.1 "style".
In fact, in 12.1 "default" policy, look at the 2 last rules in the policy :
BLOCK ALL IP TRAFFIC : LOG (the IP Protocol is matching ...)
BLOCK ALL OTHER TRAFFIC : NO LOG
In 11.x you don't have these 2 rules that log IP traffic which is blocked, and then block but don't log other trafic (like ethernet) ; you only have 1 rule like your screen shot, block all trafic and log.
It explains why you were seeing these entries...
So migrate your 11.x rules and modify the last 2 rules in that way...
EDIT : don't add IP/network range matching in your rules since ARP is using Ethernet MAC adress... and select "all interfaces" ; the same is happening when filtering Multicast address, "ethernet adapter" only would not work...
Cheers !
LL