| field | value |
|---|---|
| author | 2026-05-13 13:43:36 +0100 |
| committer | 2026-05-13 13:43:36 +0100 |
| commit | fd06e5313c257648b10a56b9c4151d701fba7d43 (patch) |
| tree | 53490bd5a7277b914ddef715dd3991c5b927b221 /dot_config/systemd/user/swayidle.service |
| parent | 767a54e48163ea0db701c926e6bf69f2237fce33 (diff) |
refactor(nftables): minimize diff against upstream pristine
The previous custom config rewrote the file to 4-space indentation,
added an explicit accept-policy output chain, and expanded the icmp
section into per-type whitelists. None of that changed observable
behaviour vs the stock Arch nftables.conf:
* Stock already uses scoped `destroy table inet filter` (so podman
  and netavark tables survive a reload).
* `meta l4proto { icmp, icmpv6 } accept` already covers NDP, MLD,
  PMTUD, and echo — the explicit per-type list was equivalent.
* Without an output chain, outbound traffic is unfiltered, which is
  identical to `policy accept` on an explicit output chain.
* DHCPv6 client (UDP/546) is only needed on networks that hand out
  DHCPv6 leases; my home/work LANs use SLAAC + RDNSS, and the rare
  DHCPv6 case can be added back in one line if it ever bites.
The only laptop-specific deviation is dropping the
`tcp dport ssh accept` line — no inbound SSH on a portable machine.
Net diff against pristine is now a single deletion, which makes
`just etc-upstream-diff` actually useful for spotting upstream
ruleset improvements on package updates.
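As an added example (not code from this dotfiles repo), a small shell check of the claim above: given a pristine-style ruleset and the laptop copy, count the lines added and removed so that drift from upstream is visible at a glance. The "pristine" ruleset body is a constructed stand-in modelled on the rules the message names, not the actual Arch `nftables.conf`, and the `nft -c` syntax check only runs when `nft` is installed and the script runs as root.

```shell
#!/bin/sh
# Added example: confirm that a local nftables.conf differs from the
# pristine upstream copy by exactly one deleted line (no inbound ssh).
# The ruleset text is CONSTRUCTED to resemble the rules named in the
# commit message; it is not the real Arch nftables.conf.
set -eu

TMP=$(mktemp -d)
trap 'rm -rf "$TMP"' EXIT

# Constructed "pristine" ruleset (assumption about the stock file's shape).
cat > "$TMP/pristine.conf" <<'EOF'
#!/usr/bin/nft -f
destroy table inet filter
table inet filter {
  chain input {
    type filter hook input priority filter
    policy drop
    ct state invalid drop
    ct state { established, related } accept
    iifname lo accept
    meta l4proto { icmp, icmpv6 } accept
    tcp dport ssh accept
    pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
    counter
  }
  chain forward {
    type filter hook forward priority filter
    policy drop
  }
}
EOF

# Laptop copy: identical except that the inbound ssh rule is dropped.
grep -v 'tcp dport ssh accept' "$TMP/pristine.conf" > "$TMP/local.conf"

# Print "<added> <removed>" line counts between two rulesets, ignoring
# the unified-diff file headers. Any re-indentation would show up here
# as added+removed pairs, which is exactly the noise the commit removes.
diff_counts() {
    diff -u "$1" "$2" | awk '
        /^\+\+\+|^---/ { next }
        /^\+/ { a++ }
        /^-/ { r++ }
        END { printf "%d %d\n", a+0, r+0 }'
}

# Syntax-check the local ruleset when nft is available (needs root).
check_syntax() {
    if command -v nft >/dev/null 2>&1 && [ "$(id -u)" -eq 0 ]; then
        nft -c -f "$1"
    fi
}

echo "added/removed vs pristine: $(diff_counts "$TMP/pristine.conf" "$TMP/local.conf")"
check_syntax "$TMP/local.conf"
```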
Diffstat (limited to 'dot_config/systemd/user/swayidle.service')
0 files changed, 0 insertions, 0 deletions
