[3.21] main/iptables: apply upstream patches to fix docker networks

Since upgrading to 1.8.11, people have experienced networking issues with docker containers due to forward rules missing.

These issues have been reported and fixed upstream. Apply those patches to fix those issues.

Fixes #16860 (closed)

(cherry picked from commit 28277d5f)