pf tests: Test that 'set skip on <group>' works on new group members

pf tests: Test that 'set skip on <group>' works on new group members

There's a know issue where new group members don't get the 'set skip on'
applied until the rules are re-loaded.

Do this by setting rules that block all traffic, but skip members of the
'epair' group. If we can communicate over the epair interface we know the set
skip rule took effect, even if the rule was set before the interface was
created.

MFC after:	2 weeks