Contributor
giulio

Simplified external port forwarding and automatic NAT traversal


Mentors
Marmarek, Frédéric Pierret
Organization
Qubes OS

Currently, Qubes OS lacks a centralized and easy way to forward ports to virtual machines. Although it is possible to forward ports by issuing iptables commands on both the NetworkVM and the FirewallVM, or by using the ConnectTCP service, this is a limited and error-prone manual process. Furthermore, the lack of a GUI that shows the manual rules leaves the user without oversight of the firewall.

The goal of the project is to implement a GUI for automatic and persistent port forwarding, optionally with a predefined timespan (i.e. until reboot). The idea is to split the "Firewall Rules" tab in the "Qubes Settings" window horizontally and add another area below it.

Additionally, discuss and verify the possibility of implementing a secure NAT traversal system and GUI. A basic proposal could be a checkbox to enable NAT traversal requests. When the checkbox is selected, the FirewallVM will redirect NAT traversal requests to a local Python daemon or a dedicated VM that will negotiate the NAT traversal and configure the network accordingly. In this case, prompt the user in Dom0 about the NAT traversal request.

Of course, the qvm-* set of tools must be able to achieve the same tasks via the CLI.