
Improve FlashStart integration to overcome current limitations #1097

Open
cotosso opened this issue Feb 25, 2025 · 2 comments

Comments


cotosso commented Feb 25, 2025

Description
The current integration with FlashStart has several limitations that need to be addressed. While this is not strictly a bug, an improved implementation would enhance functionality and reliability.

Issues with the current implementation

  • The firewall itself is forced to route traffic through FlashStart's IPs, which can cause issues if FlashStart's DNS servers experience problems or if the license expires.
    In such cases, the firewall cannot communicate with the service center, preventing proper display of UI pages available only for subscribed users.
  • Domain sets could not work properly.
  • Non-filtered networks must use a DNS server different from the firewall's IP; otherwise, they will still be filtered.
  • The current implementation is not suitable for handling multiple profiles.
  • It does not support the use of dnsdist to send DNS requests over DoT or DoH, as these protocols require resolving DNS servers by name rather than by IP.

Required Improvement
We need to redesign the integration to remove these constraints while ensuring that the firewall can still resolve local names for:

  • Static leases
  • Dynamic leases
  • DNS records

Components

NethSecurity version: 8-23.05.5-ns.1.4.1


cotosso commented Feb 25, 2025

I suggest to:

  • never modifying the behavior of dnsmasq, which should always run on port 53.
    This way, NethSecurity will use the DNS servers configured in the dedicated DNS section rather than those of FlashStart.
  • dnsdist will continue running on port 5300.
  • Traffic from various networks to dnsdist will be redirected by modifying the current DNAT rules.
    All requests on ports 53 UDP and TCP will be forwarded to 5300 UDP and TCP, where dnsdist is listening.
  • Requests for domains managed by NethSecurity in the DHCP section will be forwarded to dnsmasq at 127.0.0.1:53 (or we can have a dedicated section for domains resolved by other DNS servers).
  • Hostnames present in static leases or DNS records must be handled using a dedicated script.


cotosso commented Feb 27, 2025

  • Dynamic leases are listed here /tmp/dhcp.leases
  • Static leases and DNS records are listed here /tmp/hosts/dhcp.cfg01411c

There are some public utils for dnsdist written in lua: https://github.com/hhoffstaette/dnsdist-utils/tree/master which can be useful.

I already tried the addHosts function with the file /tmp/hosts/dhcp.cfg01411c with no problems.

However there are still 2 issues to solve:

  • the dhcp.leases file needs a bit more work on it because the format is not directly usable:
    1740718936 0a:2f:5e:cd:2f:49 172.25.4.184 myhostname 01:0a:2f:5e:cd:2f:49

  • we need to regularly update these hosts
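One way to turn the lease file into the hosts-file layout that /tmp/hosts/dhcp.cfg01411c already uses (address followed by names), as an added example and not code from NethSecurity or dnsdist-utils. The sample lease lines are constructed; the optional `domain` suffix, the `now` parameter and the atomic-write helper are assumptions about how the periodic refresh would be done.

```python
import os
import tempfile

# Constructed sample of /tmp/dhcp.leases in dnsmasq's format:
# <expiry epoch, 0 = never expires> <mac> <ip> <hostname or *> <client-id or *>
SAMPLE_LEASES = """\
1740718936 0a:2f:5e:cd:2f:49 172.25.4.184 myhostname 01:0a:2f:5e:cd:2f:49
0 0a:2f:5e:cd:2f:4a 172.25.4.185 printer *
1700000000 0a:2f:5e:cd:2f:4b 172.25.4.186 stale-host *
1740718999 0a:2f:5e:cd:2f:4c 172.25.4.187 * *
"""


def leases_to_hosts(text, now, domain=None):
    """Convert dnsmasq lease lines into hosts-file lines ("ip name [name.domain]").

    Drops expired leases (expiry in the past, except 0 which never expires),
    leases where the client sent no hostname ("*"), the "duid ..." marker line
    dnsmasq writes for IPv6, and any malformed line.
    """
    hosts = []
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 4 or fields[0] == "duid":
            continue
        expiry, ip, name = fields[0], fields[2], fields[3]
        if not expiry.isdigit():
            continue
        if int(expiry) != 0 and int(expiry) < now:
            continue  # stale entry still present in the file
        if name == "*":
            continue  # no usable name to publish
        names = [name]
        if domain:  # assumed: append the DHCP-section domain as an FQDN alias
            names.append(f"{name}.{domain}")
        hosts.append(f"{ip} {' '.join(names)}")
    return hosts


def write_hosts_atomic(path, lines):
    """Write the hosts file via a temp file + rename so a reader (e.g. dnsdist
    reloading it on a timer) never sees a half-written file."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".hosts-")
    with os.fdopen(fd, "w") as fh:
        fh.write("\n".join(lines) + "\n")
    os.replace(tmp, path)
    return path
```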

@cotosso cotosso added this to the NethSecurity 8.5 milestone Mar 2, 2025