fw4: support automatic includes

fw4: support automatic includes

Introduce a new directory tree /usr/share/nftables.d/ which may contain
partial nftables files being included into the rendered ruleset.

The include position is derived from the file path;

 - Files in .../nftables.d/table-pre/ and .../nftables.d/table-post/ are
   included before and after the `table inet fw4 { ... }` declaration
   respectively

 - Files in .../nftables.d/ruleset-pre/ and .../nftables.d/ruleset-post/
   are included before the first chain and after the last chain
   declaration within the fw4 table respectively

 - Files in .../nftables.d/chain-pre/${chain}/ and .../chain-post/${chain}/
   are included before the first and after the last rule within the mentioned
   chain of the fw4 table respectively

Automatic includes can be disabled by setting the `auto_includes` option to
`0` in the global defaults section.

Also adjust testcases accordingly.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>