Issue with running 'pkg update' from jails with "net.inet.tcp.blackhole=2" sysctl.

[Goran Tepšić]

Hi, I just discovered this little sysctl tweak (*net.inet.tcp.blackhole=2*)
which from what I understood can help hiding host from network scanners or
at least slow them down.

Everything works just fine except when updating jail (*running pkg
update / upgrade*) off the host's Nginx instance serving Poudriere-built
packages and with this sysctl set, update/upgrade command just hangs, not
sure why.

Anyone having same issue?