Add support for Debian Unstable

[martialblog]

Replacement PR for #805

• Added operatingsystemrelease unstable with netfilter service and package
• Extended rspec tests for Debian

[florindragos]

Hey @martialblog,
Thank you for your contribution! 👍

[LiohMoeller]

The module has been flagged to support also Debian 10 and there are some additions to the spec tests for Buster as well. Actually the module calls iptables-save in the resource definition, which is a symlink to nftables in Debian 10+: https://wiki.debian.org/nftables

Even if the alternatives are configured accordingly afterwards, the module fails on first run with something like:

/Stage[main]/Itsystems_firewall::Config::Request/Resources[firewall] Failed to generate additional resources using 'generate': Execution of '/sbin/iptables-save' returned 1: iptables-save/1.8.2 Failed to initialize nft: Protocol not supported.

There has been some commits addressing the issue: 3614e5d which are mainly in the acceptance tests and not the actual module which also would need something like this in the resource definition before iptables-save:

if os[:family] == 'debian' && os[:release] == '10'
    run_shell('update-alternatives --set iptables /usr/sbin/iptables-legacy')
end