Wow, this has turned into one hell of a bike shed.
I don't see a problem with implementing additional methods of
filtering. One that allows enabling in and out rules, and one that
allows configuring one single ruleset applied independent of
interfaces would be ideal. Different methods of filtering work better
in certain environments, and/or better suit some people's personal
preferences. The default would have to be retained as is for backwards
compatibility, and because it's easier for the typical user to grasp
and harder for them to shoot themselves in the foot.
Doing this in pfSense using 3 modes as I described above (default,
in/out, and single ruleset) has been discussed, but there are no specific
plans for implementing it at this time (patches accepted). I like the idea
of giving people options, but not changing the defaults.