Description
What's the feature 🧐
In the docs for the Firewall, it's mentioned that you can configure a set of FIREWALL_INPUT_PORTS to allow external traffic into the Gluetun network space. It would be nice if there was a subnet setting to go along with it.
For example, I wanted clients on my LAN to be able to access my application's web interface. My application is deployed as another container using Gluetun's container network - the network_mode: "service_gluetun" method. So I enabled FIREWALL_INPUT_PORTS=443 on the Gluetun container, which works. But I believe this enables inbound connections on 443 from any IP address... not just my LAN.
I can obviously restrict this in other ways, and it's not like my Gluetun device is exposed directly to the open internet, but it would be nice if Gluetun provided this extra assurance out of the box. (Defense in depth)
Extra information and references
No response