networkmanager: remove race condition from shared dispatcher script

[alexgg]

The shared dispatcher script runs when a shared iptables rules is identified and it moves it to the last place in the forward chain to avoid race conditions with the engine rule addition.

This commit refactors the script to remove the possibility of a rule changing positions between being identified by line number and removing it.

The script now only fetches the rule line number once and then uses its description to both append and remove.

It also has a final check to make sure the rule has been moved to the last position of the forward chain, and tries a series of times if that is not the case.

Change-type: patch

---

Contributor checklist

• [ ] Changes have been tested
  • [ ] Covered in automated test suite
  • [ ] Manual test case recorded
• [ ] Change-type present on at least one commit
• [ ] Signed-off-by is present
• [ ] The PR complies with the Open Embedded Commit Patch Message Guidelines

Reviewer Guidelines

• When submitting a review, please pick:
  • 'Approve' if this change would be acceptable in the codebase (even if there are minor or cosmetic tweaks that could be improved).
  • 'Request Changes' if this change would not be acceptable in our codebase (e.g. bugs, changes that will make development harder in future, security/performance issues, etc).
  • 'Comment' if you don't feel you have enough information to decide either way (e.g. if you have major questions, or you don't understand the context of the change sufficiently to fully review yourself, but want to make a comment)

[alexgg]

Duplicated in https://github.com/balena-os/meta-balena/pull/3429