[Tails-dev] Please review feature/firewall_lockdown

Please review and merge feature/firewall_lockdown, currently merged into
experimental. This time it should merge cleanly into devel.

This branch modified the firewall to use a white-list/principle of least
privelege approach for local services, so only users that reasonably
need access to e.g. Tor's SOCKS port have it. It also adds logging
(visiable in dmesg) for rejected packets, disables some unwanted
services that bloat that log (e.g. Pidgin's UPnP support), and makes
some local services IPv6 only to avoid duplication of white-list rules.

Cheers!