
consomme: filter guest network traffic based on destination #3617

Open

damanm24 wants to merge 9 commits into microsoft:main from damanm24:filter-loopback

Conversation

damanm24 (Contributor) commented Jun 1, 2026

By default, drop guest-originated packets destined for loopback, unspecified, and link-local addresses in the
consomme NAT layer. A new allow_host_local_access parameter on ConsommeParams can be set to opt in to the
previous behavior when needed.

Copilot AI review requested due to automatic review settings June 1, 2026 20:37
@damanm24 damanm24 requested a review from a team as a code owner June 1, 2026 20:37

Copilot AI (Contributor) left a comment

Pull request overview

This PR tightens Consomme’s NAT behavior by default-dropping guest-originated packets whose destination is “host-local” (loopback/unspecified/link-local), with an opt-in parameter to restore prior behavior for scenarios that need it.

Changes:

  • Add destination filtering for IPv4/IPv6 guest TX frames, returning a new DropReason::DestinationNotAllowed when blocked.
  • Expose a new ConsommeParams flag (allow_host_local_access) defaulting to false to opt in to allowing these destinations.
  • Update/add tests to validate the new default filtering and to opt in where existing tests require loopback access.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

File | Description
vm/devices/net/net_consomme/src/lib.rs | Accounts for the new destination-block drop reason in TX drop stats.
vm/devices/net/net_consomme/consomme/src/lib.rs | Introduces the new params flag, drop reason, and IPv4/IPv6 destination filtering logic.
vm/devices/net/net_consomme/consomme/src/tests.rs | Adds new unit tests covering blocked/allowed destination behavior for IPv4/IPv6.
vm/devices/net/net_consomme/consomme/src/tcp/tests.rs | Opts TCP tests into loopback/host-local access as required by the new default.
vm/devices/net/net_consomme/consomme/src/udp.rs | Opts UDP tests into loopback/host-local access as required by the new default.
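The filtering rule that the PR description and the review summary lay out (drop guest-originated packets to loopback, unspecified or link-local destinations unless `allow_host_local_access` is set), written out as an added example; this is not the project's code. `Params`, `check_destination` and the `is_host_local_*` helpers are assumed names, and the unwrapping of IPv4-mapped IPv6 addresses goes beyond what the page states.

```rust
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};

/// Why a guest TX frame was dropped (only the reason this PR adds is modelled).
#[derive(Debug, PartialEq, Eq)]
pub enum DropReason {
    DestinationNotAllowed,
}

/// Stand-in for the PR's `ConsommeParams`; only the new flag is modelled here.
#[derive(Debug, Default)]
pub struct Params {
    pub allow_host_local_access: bool,
}

/// True when `addr` is loopback (127/8), unspecified (0.0.0.0) or link-local (169.254/16).
pub fn is_host_local_v4(addr: Ipv4Addr) -> bool {
    addr.is_loopback() || addr.is_unspecified() || addr.is_link_local()
}

/// IPv6 variant. `Ipv6Addr::is_unicast_link_local` is not stable, so the
/// fe80::/10 prefix is checked by hand. IPv4-mapped addresses (::ffff:a.b.c.d)
/// are unwrapped and classified as IPv4 so that ::ffff:127.0.0.1 is not
/// treated as a plain global address (an added check; the page does not say
/// whether the project does this).
pub fn is_host_local_v6(addr: Ipv6Addr) -> bool {
    if let Some(v4) = addr.to_ipv4_mapped() {
        return is_host_local_v4(v4);
    }
    addr.is_loopback() || addr.is_unspecified() || (addr.segments()[0] & 0xffc0) == 0xfe80
}

/// Decide whether a guest-originated packet to `dst` may pass the NAT layer.
pub fn check_destination(params: &Params, dst: IpAddr) -> Result<(), DropReason> {
    let host_local = match dst {
        IpAddr::V4(a) => is_host_local_v4(a),
        IpAddr::V6(a) => is_host_local_v6(a),
    };
    if host_local && !params.allow_host_local_access {
        Err(DropReason::DestinationNotAllowed)
    } else {
        Ok(())
    }
}

fn main() {
    // Constructed sample destinations; 203.0.113.5 is a documentation (TEST-NET-3) address.
    let params = Params::default();
    for dst in ["127.0.0.1", "0.0.0.0", "169.254.1.1", "::1", "fe80::1", "::ffff:127.0.0.1", "203.0.113.5"] {
        let ip: IpAddr = dst.parse().unwrap();
        println!("{:>18} -> {:?}", dst, check_destination(&params, ip));
    }
}
```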

@github-actions

github-actions Bot commented Jun 1, 2026

