add support to enable routing

templates/netforwarding.j2

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+case ${1} in
+	start)
+		echo -n '1' > /proc/sys/net/ipv6/conf/all/forwarding
+		echo -n '1' > /proc/sys/net/ipv4/ip_forward
+	;;
+
+	stop)
+		echo -n '0' > /proc/sys/net/ipv4/ip_forward
+		echo -n '0' > /proc/sys/net/ipv6/conf/all/forwarding
+	;;
+
+esac

templates/netforwarding.service.j2

@@ -0,0 +1,14 @@
+[Unit]
+Description=Enables forwarding in the linux kernel after the firewall is fully loaded
+After=nftables.service
+Requires=nftables.service
+
+[Service]
+RemainAfterExit=yes
+Type=oneshot
+
+ExecStart=/usr/local/bin/netforwarding start
+ExecStop=/usr/local/bin/netforwarding stop
+
+[Install]
+WantedBy=multi-user.target