fix(kuma-dp): fix conntrack collisions #3459

Merged: 5 commits, Jan 20, 2022

Commits on Dec 9, 2021

  1. fix(kuma-dp): fix conntrack collisions

    Vendors this fix (istio/istio#33572) from Istio
    
    Signed-off-by: John Harris <john.harris@konghq.com>
    johnharris85 committed Dec 9, 2021
    569c12d

Commits on Dec 16, 2021

  1. 9a8456a

Commits on Jan 14, 2022

  1. 8770c29

Commits on Jan 19, 2022

  1. 27ca5be
  2. chore(*): adjust changes to kuma environment

    As our e2e tests for universal are done from inside of a docker
    container, to make the networking work, we are bridging docker
    network to the host, which results in additional iptables rules
    inside every container within this network. The problem with these
    rules is that they do some NAT'ing for DNS UDP datagrams with
    the addition of a randomly picked (during the container startup) port.
    It's problematic for this conntrack change as it works inside
    the `raw` table and, among others, the `PREROUTING` chain and expects
    the datagrams from a known port (53), which the earlier described
    NAT'ing is changing. This probably could be fixed by rethinking
    some of the rules, but as it's an edge case, after consultation
    with the team I decided it's not worth the time needed to properly
    solve it and instead I introduced a `--skip-dns-conntrack-zone-split`
    flag for `kumactl install transparent-proxy`, which allows us to
    skip attaching the conntrack-collision iptables rules. This change
    was necessary for making some of the tests work (universal).
    
    I also fixed the code to include our flag for capturing all dns
    traffic and instead of hardcoding port `15053`, to use the one
    from the configuration.
    
    Signed-off-by: Bart Smykla <bartek@smykla.com>
    bartsmykla committed Jan 19, 2022
    b78edcd
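
To illustrate the condition the last commit message describes, here is an added example (not code from Kuma or Istio) that scans `iptables-save` output for `nat` rules that move UDP DNS traffic off or onto port 53. The sample ruleset is constructed, modelled on the rules Docker installs for its embedded DNS resolver at 127.0.0.11, and the function names are hypothetical.

```python
import shlex

# Constructed sample of `iptables-save` output (not captured from a real host),
# modelled on the NAT rules Docker adds for its embedded DNS resolver.
SAMPLE = """\
*nat
-A OUTPUT -d 127.0.0.11/32 -j DOCKER_OUTPUT
-A DOCKER_OUTPUT -d 127.0.0.11/32 -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.11:58552
-A DOCKER_OUTPUT -d 127.0.0.11/32 -p tcp -m tcp --dport 53 -j DNAT --to-destination 127.0.0.11:37619
-A DOCKER_POSTROUTING -s 127.0.0.11/32 -p udp -m udp --sport 58552 -j SNAT --to-source :53
COMMIT
*filter
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
"""

def _opt(tokens, name):
    """Return the value following option `name`, or None if absent."""
    return tokens[tokens.index(name) + 1] if name in tokens else None

def _port(addr):
    """Port part of an [addr]:port NAT target, or None when no port is given."""
    return addr.rpartition(":")[2] if addr and ":" in addr else None

def dns_port_rewrites(ruleset, dns_port="53"):
    """List (chain, target, matched_port, new_port) for nat rules that
    rewrite the port of UDP traffic to or from dns_port."""
    table, hits = None, []
    for line in ruleset.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()          # table header, e.g. "*nat"
        if table != "nat" or not line.startswith("-A "):
            continue
        t = shlex.split(line)
        if _opt(t, "-p") != "udp" or _opt(t, "-j") not in ("DNAT", "SNAT"):
            continue
        matched = _opt(t, "--dport") or _opt(t, "--sport")
        new = _port(_opt(t, "--to-destination") or _opt(t, "--to-source"))
        # Relevant only when the port changes and one side is the DNS port.
        if new and matched != new and dns_port in (matched, new):
            hits.append((t[1], _opt(t, "-j"), matched, new))
    return hits

if __name__ == "__main__":
    for hit in dns_port_rewrites(SAMPLE):
        print("DNS port rewrite: chain=%s target=%s %s -> %s" % hit)
```

A non-empty result marks an environment like the one the commit message describes, where rules that expect DNS datagrams on port 53 coexist with NAT that changes that port.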