Enable kernel.Mechanism to specify IP Tables ipv4 Nat Chains/Rules

[edwarnicke]

Introduce new constant for parameters for kernel.Mechanism:

IPTABLES4_NAT_TEMPLATE = "iptables__nat_template"

And provide helpers:

# Getters and Setters
func (m *Mechanism) SetIPTables4NatTemplate(tmpl string) *Mechanism {}
func (m *Mechanism) GetIPTables4NatTemplate(tmpl string) string {}

# Helper to evaluate the iptables template using a *networkserviceConnection
func (m *Mechanism) EvaluateIPTables4NatTemplate(conn *networkservice.Connection) {}

The ip tables nat template is expected to be a golang text/template to inject a struct with fields:

• NsmInterfaceName - the name of the interface from conn.GetMechanism().GetInterfaceName()
• NsmSrcIPs - the ipv4 addresses from conn.GetContext().GetIPContext(). GetSrcIpAddrs()
• NsmDstIPs - the ipv4 addresses from conn.GetContext().GetIPContext().GetDstIPAddrs()

Example template:

-N NSM_PREROUTE
-A NSM_PREROUTE -j ISTIO_REDIRECT
-I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j NSM_PREROUTE
-N NSM_OUTPUT
-A NSM_OUTPUT -j DNAT --to-destination {{ .NsmSrcIps[0] }}
-A OUTPUT -p tcp -s 127.0.0.6 -j NSM_OUTPUT
-N NSM_POSTROUTING
-A NSM_POSTROUTING -j SNAT --to-source ${NsmDstIPs[0]}
-A POSTROUTING -p tcp -o ${NSM_INTERFACE} -j NSM_POSTROUTING