Rule deletion by description

This patch introduces rule deletion by description, in a similar fashion to iptables: we can delete the first rule that matches our description. For example:

$ nft list -a ruleset
table ip t {
    chain c {
        ip saddr 1.1.1.1 counter packets 0 bytes 0 # handle 1
        ip saddr 1.1.1.2 counter packets 0 bytes 0 # handle 2
        ip saddr 1.1.1.2 counter packets 0 bytes 0 # handle 3
        ip saddr 1.1.1.4 counter packets 0 bytes 0 # handle 4
    }
}
$ nft delete rule t c ip saddr 1.1.1.2 counter
$ nft list -a ruleset
table ip t {
    chain c {
        ip saddr 1.1.1.1 counter packets 0 bytes 0 # handle 1
        ip saddr 1.1.1.2 counter packets 0 bytes 0 # handle 3
        ip saddr 1.1.1.4 counter packets 0 bytes 0 # handle 4
    }
}

To achieve this, I needed to introduce several changes into the libnftnl library. I have implemented comparators for rule and expression objects.
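
A minimal C model of the comparator-based delete described above, added here as an illustration and not taken from the nftables or libnftnl patches; every type and function name is hypothetical, and treating a counter as equal to any other counter is an assumption of the model. It shows that one delete removes only the first match (handle 2), so the duplicate at handle 3 stays active until the same delete is issued again.

```c
#include <stdint.h>
#include <string.h>

/* Simplified model for illustration; these are not libnftnl's own types. */
enum expr_type { EXPR_SADDR, EXPR_COUNTER };
struct expr { enum expr_type type; uint32_t addr; };
struct rule { uint64_t handle; size_t n; struct expr e[2]; };

/* Expression comparator. Assumption: any counter equals any other counter. */
static int expr_eq(const struct expr *a, const struct expr *b)
{
    return a->type == b->type && (a->type != EXPR_SADDR || a->addr == b->addr);
}

/* Rule comparator: same expressions in the same order; the handle is ignored. */
static int rule_eq(const struct rule *a, const struct rule *b)
{
    for (size_t i = 0; a->n == b->n && i < a->n; i++)
        if (!expr_eq(&a->e[i], &b->e[i]))
            return 0;
    return a->n == b->n;
}

/* Remove only the first match; return its handle, or 0 if nothing matches. */
static uint64_t delete_first_match(struct rule *c, size_t *len, const struct rule *d)
{
    for (size_t i = 0; i < *len; i++)
        if (rule_eq(&c[i], d)) {
            uint64_t h = c[i].handle;
            memmove(&c[i], &c[i + 1], (--*len - i) * sizeof(*c));
            return h;
        }
    return 0;
}

/* Constructed sample: rule "ip saddr 1.1.1.<x> counter" with handle h. */
#define R(h, x) { h, 2, { { EXPR_SADDR, 0x01010100u | (x) }, { EXPR_COUNTER, 0 } } }

/* Issue the same delete `times` times; return the handle removed last (0 = none). */
uint64_t demo(int times)
{
    struct rule chain[4] = { R(1, 1), R(2, 2), R(3, 2), R(4, 4) }, desc = R(0, 2);
    size_t len = 4;
    uint64_t h = 0;
    while (times-- > 0)
        h = delete_first_match(chain, &len, &desc);
    return h;
}

int main(void) { return demo(1) == 2 ? 0 : 1; }
```

When a rule is removed by description, listing the ruleset again confirms whether an identical rule is still present in the chain.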

NOTE: I have some patches that must be accepted before I can consider the work completed.

Commits

nftables

libnftnl