Only exploit ipf state keeping for CFW logging.

*** 2586,2595 ****
--- 2586,2598 ----
          if ((ifs->ifs_fr_flags & FF_LOGGING) || (pass & FR_LOGMASK)) {
                  (void) fr_dolog(fin, &pass);
          }
  #endif
  
+         if (IFS_CFWLOG(ifs) && FR_ISBLOCK(pass))
+                 ipf_block_cfwlog(fr, fin, ifs);
+ 
          /*
           * The FI_STATE flag is cleared here so that calling fr_checkstate
           * will work when called from inside of fr_fastroute.  Although
           * there is a similar flag, FI_NATED, for NAT, it does have the same
           * impact on code execution.