feat: Add inbound interface restriction option for ufw forward rules (#10345)

[AnxysUaen]

What this PR does / why we need it?

Add an option to restrict inbound network interfaces for UFW firewall to prevent requests from Docker containers from being forwarded.
为ufw防火墙的端口转发功能增加了限制入栈网口的选项，避免从容器内向往发出的流量被意外拦截转发到宿主机或其他服务

Summary of your change

web增加网口选择项，修改了forwards数据库表结构持久化入站网口，不干扰CentOS的正常使用
PS. 因为没有CentOS测试环境，所以不清楚firewall-cmd增加的转发是否会有同样问题，所以未作更改，如果有，可以联系我后续增加。问题见 #10345

Please indicate you've done the following:

• Made sure tests are passing and test coverage is added if needed.
• Made sure commit message follow the rule of Conventional Commits specification.
• Considered the docs impact and opened a new docs issue or PR with docs changes if needed.

[f2c-ci-robot]

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[wanghe-fit2cloud]

感谢支持。

[ssongliu]

/lgtm

[wanghe-fit2cloud]

/approve

[f2c-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: wanghe-fit2cloud

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [wanghe-fit2cloud]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment