ipfw: Implement state based "redirect", i.e. without using libalias.

ipfw: Implement state based "redirect", i.e. without using libalias.

Redirection creates two states, i.e. one before the translation (xlat0)
and one after the translation (xlat1).  If the hash of the translated
packet indicates that it is owned by a remote CPU:
- If the packet triggers the state pair creation, the 'xlat1' will be
  piggybacked by the translated packet, which will be forwarded to the
  remote CPU for further evalution.  And the 'xlat1' will be installed
  on the remote CPU before the evalution of the translated packet.
- Else only the translated packet will be forwarded to the remote CPU
  for further evalution.

The 'xlat1' is called the slave state, which will be deleted only when
the 'xlat0' (the master state) is deleted.  The state pair is always
deleted on the CPU owning the 'xlat1'; the 'xlat0' will be forwarded
there.

The reference counting of the state pair is maintained independently
in each state, the memory of the state pair will be freed only after
the sum of the counter in each state reaches 0.  This avoids expensive
per-packet atomic ops.

As far as I have tested, this implementation of "redirect" does _not_
introduce any noticeable performance reduction, latency increasing or
latency destability.

This commit makes most of the necessary bits for NAT ready too.