Commit db3652e

blink-so[bot] and f0ssel committed
feat: implement HTTP/HTTPS jail with Go proxy and sudo support
This implements a complete HTTP/HTTPS traffic monitoring and filtering solution with transparent proxy capabilities and proper sudo handling.

Key Features:

## Audit System
- Add comprehensive audit package for request logging
- Support for structured logging with configurable levels
- HTTP request to audit request conversion with full metadata
- Extensive test coverage for all audit functionality

## CLI Refactoring
- Refactor main.go into modular CLI package
- Improved command-line argument handling
- Better error handling and logging setup
- Cleaner separation of concerns

## Rules Engine Improvements
- Simplify rules to boolean allow/deny logic
- Remove complex Action types for cleaner implementation
- Enhanced rule matching with method and URL pattern support
- Comprehensive test coverage for rule evaluation

## Proxy Enhancements
- Integrate audit logging into proxy request handling
- Improved error handling and logging
- Better request/response processing

## Sudo Support (Critical Feature)
- **Privilege Dropping**: Subprocess runs as original user instead of root
- **Environment Restoration**: Restore HOME, USER, LOGNAME for original user
- **Certificate Management**: Store CA certificates in user's directory with proper ownership
- **Network Isolation**: Maintain jail group membership for proper traffic routing
- **Cross-Platform**: Works on both Linux (namespaces) and macOS (groups)

## TLS Certificate Improvements
- Use original user's home directory for certificate storage when running under sudo
- Proper directory ownership to ensure subprocess can access certificates
- Enhanced certificate path resolution

## Network Jail Enhancements
- Linux: Enhanced namespace handling with proper privilege dropping
- macOS: Improved group-based isolation with user privilege restoration
- Maintain network isolation while running as correct user identity

This implementation provides a complete solution for HTTP/HTTPS traffic monitoring with proper user identity preservation when used with sudo. Tested on both Linux and macOS platforms.

Co-authored-by: f0ssel <[email protected]>
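The sudo-support bullets in the commit message describe the mechanism (recover the invoking user, restore HOME/USER/LOGNAME, keep the jail group, run the subprocess unprivileged) without showing it. The following is an added example in Go, not code from this commit or the project, showing one way to do it: the invoking account is read from the SUDO_UID, SUDO_GID and SUDO_USER variables sudo exports, the home directory is taken from the account database rather than from the inherited $HOME, the SUDO_* variables are scrubbed, and the child is launched with a kernel-enforced credential whose supplementary-group list explicitly carries the jail group. The OriginalUser type, the resolveOriginalUser/restoreEnv/unprivilegedCommand names, the injected getenv/lookupHome hooks and the placeholder jail GID 1500 are all assumptions of the example.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"
	"os/user"
	"strconv"
	"strings"
	"syscall"
)

// OriginalUser is the account that invoked sudo, recovered from the
// SUDO_UID / SUDO_GID / SUDO_USER variables sudo exports to the root process.
type OriginalUser struct {
	Name string
	Home string
	UID  uint32
	GID  uint32
}

// ErrNotSudo is returned when the SUDO_* variables are absent.
var ErrNotSudo = errors.New("not running under sudo")

// resolveOriginalUser parses the sudo-provided identity. getenv and lookupHome
// are injected (hypothetical hooks) so the logic runs without root or a real
// sudo session; callers pass os.Getenv and a user.Lookup-based resolver. HOME
// is resolved from the account database because sudo may have rewritten $HOME.
func resolveOriginalUser(getenv func(string) string, lookupHome func(string) (string, error)) (OriginalUser, error) {
	uidStr, gidStr, name := getenv("SUDO_UID"), getenv("SUDO_GID"), getenv("SUDO_USER")
	if uidStr == "" || gidStr == "" || name == "" {
		return OriginalUser{}, ErrNotSudo
	}
	uid, err := strconv.ParseUint(uidStr, 10, 32)
	if err != nil {
		return OriginalUser{}, fmt.Errorf("bad SUDO_UID %q: %w", uidStr, err)
	}
	gid, err := strconv.ParseUint(gidStr, 10, 32)
	if err != nil {
		return OriginalUser{}, fmt.Errorf("bad SUDO_GID %q: %w", gidStr, err)
	}
	// sudo run by root itself yields SUDO_UID=0: there is nothing to drop to,
	// and silently continuing as root would defeat the point of the jail.
	if uid == 0 {
		return OriginalUser{}, errors.New("SUDO_UID is 0: refusing to run the subprocess as root")
	}
	home, err := lookupHome(name)
	if err != nil {
		return OriginalUser{}, fmt.Errorf("lookup home for %q: %w", name, err)
	}
	return OriginalUser{Name: name, Home: home, UID: uint32(uid), GID: uint32(gid)}, nil
}

// restoreEnv returns a copy of base with HOME, USER and LOGNAME pointing at the
// original user and every SUDO_* variable removed, so the child cannot tell it
// was spawned from a root session.
func restoreEnv(base []string, u OriginalUser) []string {
	overrides := map[string]string{"HOME": u.Home, "USER": u.Name, "LOGNAME": u.Name}
	out := make([]string, 0, len(base)+len(overrides))
	for _, kv := range base {
		key, _, _ := strings.Cut(kv, "=")
		if _, replaced := overrides[key]; replaced || strings.HasPrefix(key, "SUDO_") {
			continue
		}
		out = append(out, kv)
	}
	for _, key := range []string{"HOME", "USER", "LOGNAME"} {
		out = append(out, key+"="+overrides[key])
	}
	return out
}

// unprivilegedCommand builds the child so that the kernel, not the jail,
// enforces the identity change: setgroups/setgid/setuid run in the child
// before exec. groups is the exact supplementary-group list the child gets,
// so pass the user's own groups plus the jail group.
func unprivilegedCommand(u OriginalUser, groups []uint32, name string, args ...string) *exec.Cmd {
	cmd := exec.Command(name, args...)
	cmd.Env = restoreEnv(os.Environ(), u)
	cmd.Dir = u.Home
	cmd.SysProcAttr = &syscall.SysProcAttr{
		Credential: &syscall.Credential{Uid: u.UID, Gid: u.GID, Groups: groups},
	}
	cmd.Stdin, cmd.Stdout, cmd.Stderr = os.Stdin, os.Stdout, os.Stderr
	return cmd
}

func main() {
	u, err := resolveOriginalUser(os.Getenv, func(name string) (string, error) {
		acct, err := user.Lookup(name)
		if err != nil {
			return "", err
		}
		return acct.HomeDir, nil
	})
	if err != nil {
		fmt.Fprintln(os.Stderr, "cannot drop privileges:", err)
		os.Exit(1)
	}
	// 1500 is a placeholder for whatever GID the jail group actually has.
	cmd := unprivilegedCommand(u, []uint32{u.GID, 1500}, "id")
	if err := cmd.Run(); err != nil {
		fmt.Fprintln(os.Stderr, "subprocess failed:", err)
		os.Exit(1)
	}
}
```

Two points worth checking in any real implementation: the Groups slice replaces, rather than extends, the child's supplementary groups, so passing only the jail group would strip the user of every other group they normally hold; and the refusal on SUDO_UID=0 matters because an operator who runs the jail from a root shell would otherwise get a "dropped" subprocess that is still root.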
1 parent 30a5d7e commit db3652e

File tree

14 files changed: +1018 -325 lines changed


audit/logging_auditor.go

Lines changed: 29 additions & 0 deletions
@@ -0,0 +1,29 @@
1+
package audit
2+
3+
import "log/slog"
4+
5+
// LoggingAuditor implements Auditor by logging to slog
6+
type LoggingAuditor struct {
7+
logger *slog.Logger
8+
}
9+
10+
// NewLoggingAuditor creates a new LoggingAuditor
11+
func NewLoggingAuditor(logger *slog.Logger) *LoggingAuditor {
12+
return &LoggingAuditor{
13+
logger: logger,
14+
}
15+
}
16+
17+
// AuditRequest logs the request using structured logging
18+
func (a *LoggingAuditor) AuditRequest(req *Request) {
19+
if req.Allowed {
20+
a.logger.Info("ALLOW",
21+
"method", req.Method,
22+
"url", req.URL,
23+
"rule", req.Rule)
24+
} else {
25+
a.logger.Warn("DENY",
26+
"method", req.Method,
27+
"url", req.URL)
28+
}
29+
}
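Review bot: the DENY branch in AuditRequest omits the "rule" attribute that the ALLOW branch logs, so a denied request cannot be traced to the rule that rejected it or distinguished from a default-deny with no matching rule; log `"rule", req.Rule` in both branches so the audit trail is symmetric. Since this auditor is fed by an HTTPS-intercepting proxy, the `req.URL` value logged in both branches will carry any query string verbatim, so tokens or credentials passed as URL parameters end up in the audit log; consider logging scheme, host and path separately and redacting or dropping the query. Finally, NewLoggingAuditor stores a nil logger without complaint and the first AuditRequest call would then panic; falling back to `slog.Default()` when `logger == nil` is a cheap guard.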
