pf: add a new log opt PF_LOG_MATCHES

forces logging on all subsequent matching rules
new log opt "matches"
awesome for debugging, a rule like
match log(matches) from $testbox
will show you exactly which subsequent rules match on that packet
real ok theo assumed oks ryan & dlg bikeshedding many

Obtained from: OpenBSD, henning <henning@openbsd.org>, 1603e01ae4
Obtained from: OpenBSD, henning <henning@openbsd.org>, f496e91672
Obtained from: OpenBSD, henning <henning@openbsd.org>, 07481a9fee
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46588