confd: explicitly declare cni backends

 - the port-mapping plugin supports iptables or nftables
 - the firewall plugin support only iptables or firewalld

Enforce use of iptables wrapper for nftables, for now, in both plugins.
This all needs to be refactored to run podman with "unmanaged" networks
in the future.

Related to issue #1125

Signed-off-by: Joachim Wiberg <[email protected]>

Author: troglobit

src/confd/src/cni.c

@@ -250,12 +250,15 @@ static int cni_bridge(struct lyd_node *net, const char *ifname)
 		"    },\n"	/* /bridge */
 		"    {\n"
 		"      \"type\": \"portmap\",\n"
+		"      \"backend\": \"iptables\",\n"
+		"      \"snat\": true,\n"
 		"      \"capabilities\": {\n"
 		"        \"portMappings\": true\n"
 		"      }\n"
 		"    },\n"	/* /portmap */
 		"    {\n"
-		"      \"type\": \"firewall\"\n"
+		"      \"type\": \"firewall\",\n"
+		"      \"backend\": \"iptables\"\n"
 		"    },\n"	/* /firewall */
 		"    {\n"
 		"      \"type\": \"tuning\"\n"