NETMAP support in nftables requires kernel 5.10, and backporting it to 5.4 is far from trivial—likely not even possible.

The problem is that as of August 2021, Intel QAT doesn't work with the kernel 5.10, so we can't upgrade to it. Thus, for now at least, we have no way to support NETMAP in 1.3, other than to revert the NAT implementation back to the old Perl scripts that configure NAT with iptables.

Let's do it in a minimally intrusive way so that it's easy to rever back when the QAT issue is fixed.