pflow opens sockets in the kernel to transmit netflow information.
If this is done in a (vnet) jail these sockets end up preventing the removal of
the jail. The VNET_SYSUNINIT() vnet_pflowdetach() function doesn't get called,
but that's the function that would remove the sockets.

Install a callback on the PR_METHOD_REMOVE jail callback and close the sockets
there. This ensures that the jail can get cleaned up.

Sponsored by: Rubicon Communications, LLC ("Netgate")