paraglider-project / paraglider

Streamlining cloud networking
https://paragliderproject.io
Apache License 2.0

Extend `PermitListRule` to support ICMP types and codes #373

Open Cohen-J-Omer opened 3 months ago

Cohen-J-Omer commented 3 months ago

As suggested here, we should consider extending PermitListRule to support ICMP types and codes.
If you believe it's a worthwhile effort, we should make sure the data type of the ICMP type and code fields will be a string rather than an integer, since the default value of an integer (0) represents an existing ICMP type (echo reply) and code (unreachable network).

seankimkdy commented 2 months ago

@Cohen-J-Omer I'm lacking some background in this. Could you give an example of a permit list rule that leverages these ICMP types and codes?

Cohen-J-Omer commented 2 months ago

Hey @seankimkdy, IBM security group rules support ICMP types and codes. Extending the existing PermitListRule interface will allow:

smcclure20 commented 1 month ago

As far as I know, the other clouds don't support specifying the type and code for ICMP packets in rules, so I think unless there is a strong need for this from users, we should just default to matching on all types and codes.
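
The zero-value concern from the opening comment, combined with the later suggestion to default to matching all types and codes, as an added Go example that is not Paraglider's own code. `ICMPRule`, `IntICMPRule`, `parseField` and `Matches` are hypothetical names, and treating an empty string as "match any" is an assumption.

```go
package main

import (
	"fmt"
	"strconv"
)

// ICMPRule is a hypothetical shape for the proposed string fields.
// An empty string is assumed to mean "unset: match any value".
type ICMPRule struct{ Type, Code string }

// IntICMPRule is the integer alternative: its zero value cannot be told
// apart from an explicit type 0 (echo reply) with code 0.
type IntICMPRule struct{ Type, Code int32 }

// parseField returns nil for an unset field, else the 8-bit value.
func parseField(s string) (*uint8, error) {
	if s == "" {
		return nil, nil
	}
	n, err := strconv.ParseUint(s, 10, 8) // rejects signs, text, values > 255
	if err != nil {
		return nil, fmt.Errorf("invalid ICMP field %q: %w", s, err)
	}
	v := uint8(n)
	return &v, nil
}

// Matches reports whether a packet's ICMP type and code satisfy the rule.
func (r ICMPRule) Matches(pktType, pktCode uint8) (bool, error) {
	t, err := parseField(r.Type)
	if err != nil {
		return false, err
	}
	c, err := parseField(r.Code)
	if err != nil {
		return false, err
	}
	return (t == nil || *t == pktType) && (c == nil || *c == pktCode), nil
}

// Matches for the integer form: an unset rule silently narrows to 0/0.
func (r IntICMPRule) Matches(pktType, pktCode uint8) bool {
	return int32(pktType) == r.Type && int32(pktCode) == r.Code
}

func main() {
	unset, _ := ICMPRule{}.Matches(8, 0) // constructed packet: echo request
	fmt.Println(unset, IntICMPRule{}.Matches(8, 0))
}
```

An unset string rule permits every ICMP packet, while the unset integer rule permits only type 0 with code 0, so a rule author who leaves the fields blank gets a narrower filter than intended.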