Fix: Re-apply custom firewall post-rules after VPN reconnection and rule updates #2821


Open

wants to merge 6 commits into base: master

Conversation

atasmohammadi

Problem

When using custom firewall post-rules in /iptables/post-rules.txt, these rules are only applied during the initial firewall setup but are not re-applied when:

  • VPN connection changes or reconnects
  • Firewall ports are updated
  • Outbound subnets are modified

This causes custom rules to be lost during normal operation, requiring manual re-application of rules (e.g., via SSH or exec into the container).

Solution

This PR adds a helper method applyUserPostRules() and ensures it's called after any significant firewall rule changes in:

  • SetVPNConnection() in vpn.go
  • SetAllowedPort() in ports.go
  • SetOutboundSubnets() in outboundsubnets.go

The changes are minimal and follow the existing code patterns.

Testing

I've tested this fix with a custom Gluetun setup using WireGuard and the following scenario:

  1. Created custom post-rules in /iptables/post-rules.txt to allow specific traffic
  2. Observed that without this fix, rules were lost after VPN reconnection
  3. With this fix, rules persist through VPN reconnections and firewall updates
  4. Verified with iptables -L that rules remain in place after reconnection events

Use Case

This is particularly important for users who:

  • Need to allow specific traffic through the VPN tunnel (tun0)
  • Run other containers in network_mode: "container:gluetun"
  • Need persistent custom firewall rules for services like BitTorrent clients

Changes

  • Added applyUserPostRules() helper method in firewall.go
  • Modified SetVPNConnection() to re-apply post-rules after VPN changes
  • Modified SetAllowedPort() to re-apply post-rules after port changes
  • Modified SetOutboundSubnets() to re-apply post-rules after subnet changes
  • Added improved logging in runUserPostRules() (optional)
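The re-apply pattern described in this PR, as an added Go example that is not the project's own code: a hypothetical Firewall whose SetVPNConnection rebuilds its base rule and then replays the contents of /iptables/post-rules.txt through an applyUserPostRules helper. The Runner interface and the recordingRunner are assumptions made so the logic runs without root and without touching real iptables.

```go
package main

import (
	"fmt"
	"strings"
)

// Runner abstracts iptables execution so the logic can run without root.
type Runner interface{ Run(args ...string) error }
// recordingRunner (constructed for this example) records commands instead of executing them.
type recordingRunner struct{ cmds []string }

func (r *recordingRunner) Run(args ...string) error {
	r.cmds = append(r.cmds, strings.Join(args, " "))
	return nil
}

// Firewall is a hypothetical stand-in for the project's firewall state.
type Firewall struct {
	runner    Runner
	postRules string // contents of /iptables/post-rules.txt
}

// ParsePostRules returns the non-empty, non-comment lines of a post-rules file.
func ParsePostRules(content string) []string {
	var rules []string
	for _, line := range strings.Split(content, "\n") {
		if line = strings.TrimSpace(line); line != "" && !strings.HasPrefix(line, "#") {
			rules = append(rules, line)
		}
	}
	return rules
}

// applyUserPostRules re-runs every user rule; hypothetical counterpart of the PR's helper.
func (f *Firewall) applyUserPostRules() error {
	for _, rule := range ParsePostRules(f.postRules) {
		if err := f.runner.Run(strings.Fields(rule)...); err != nil {
			return fmt.Errorf("post-rule %q: %w", rule, err)
		}
	}
	return nil
}

// SetVPNConnection rebuilds the base VPN rule, then re-applies the post-rules so a reconnect no longer drops them.
func (f *Firewall) SetVPNConnection(iface string) error {
	if err := f.runner.Run("iptables", "-A", "OUTPUT", "-o", iface, "-j", "ACCEPT"); err != nil {
		return err
	}
	return f.applyUserPostRules()
}
```

Because the file is replayed with `-A` on every event, repeated reconnects append duplicate copies of each rule; checking with `iptables -C` before appending, or flushing the affected chain before the replay, keeps the rule set from growing.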
