Teach periodic(8) security output to display information about blocked

packet counts by pf(4).

This adds a ``daily_status_security_pfdenied_enable'' variable to
periodic.conf, which defaults to ``YES'' as the matching IPF(W) versions.

The output will look like this (line wrapped):

  pf denied packets:
  > block drop log on rl0 proto tcp all [ Evaluations: 504986 Packets: 0
    Bytes: 0 States: 0 ]
  > block drop log on rl0 all [ Evaluations: 18559 Packets: 427 Bytes: 140578
    States: 0 ]

Submitted by:	clive (thanks a lot!)
MFC after:	2 weeks

1 files changed, 8 insertions, 1 deletions

diff --git a/share/man/man5/periodic.conf.5 b/share/man/man5/periodic.conf.5
index 1aee8f4..611213c 100644
--- a/share/man/man5/periodic.conf.5
+++ b/share/man/man5/periodic.conf.5
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd May 30, 2004
+.Dd November 24, 2004
 .Dt PERIODIC.CONF 5
 .Os
 .Sh NAME
@@ -494,6 +494,13 @@ Set to
 to show log entries for packets denied by
 .Xr ipf 8
 since yesterday's check.
+.It Va daily_status_security_pfdenied_enable
+.Pq Vt bool
+Set to
+.Dq YES
+to show log entries for packets denied by
+.Xr pf 4
+since yesterday's check.
 .It Va daily_status_security_ipfwlimit_enable
 .Pq Vt bool
 Set to