Might be a SYN scan. I believe SSH will not log anything if a three-way
handshake has not been completed.
The application layer can accept only "completed" connections, so
handshaking must be successfully completed first before the application
can accept the incoming connection. It's not SSH specific behavior.
Of course, it would help if you provided ipfw logs to determine exactly
what kind of packets it was.
Mar 20 09:12:29 janus kernel: ipfw: 10000 Accept TCP 184.108.40.206:26102 172.16.8.11:22 out via vr0
Mar 20 19:30:07 janus kernel: ipfw: 10000 Accept TCP 220.127.116.11:33000 172.16.8.11:22 out via vr0
It may not help. We can see packet in one direction but not in
opposite. Unfortunately, we can't decide it's because there are no reply
packets or the response packets are not logged by your configuration.