Suggest to automatically configure Secure VNET firewall

[gronke]

The Secure VNET feature requires IPFW to be running and configured to filter ethernet bridges. Manual steps for a minimal configuration are:

sysrc firewall_type=open
sysrc firewall_enable=YES
service ipfw start
sysctl net.link.ether.ipfw=1
sysctl net.link.bridge.ipfw=1
# permanently enable sysctls
echo "net.link.ether.ipfw=1" >> /etc/sysctl.conf
echo "net.link.bridge.ipfw=1" >> /etc/sysctl.conf

see also https://bsdci.github.io/handbook/features/networking/

When the firewall is not properly configured, a dialog should ask the user to apply the above configuration.

[igalic]

is that on the host or in the jail?