review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commit
(#10164) Reject and document icmp => "any"
author Dan Carley <dan.carley@gmail.com>
Fri, 9 Mar 2012 09:13:33 +0000 (09:13 +0000)
committer Dan Carley <dan.carley@gmail.com>
Fri, 9 Mar 2012 10:22:52 +0000 (10:22 +0000)
commit 38e0cb2c93b3aecc75afb2935bdca1bd6eac96fe
tree cbf646335e33981b63ec71c96b5ebf3f77fb82c1
parent 184d77ad5faa38e61c7cf0aca62b5fea7b9e506f
(#10164) Reject and document icmp => "any"

iptables accepts the string "any" as an ICMP type and stores it behind the
scenes as the fake (IANA reserved) numeric 255. This is functionally
equivalent to not specifying an `--icmp-type` argument.

ip6tables didn't carry this "feature" over. Like many other providers, the
matching of any ICMP packet type is only achieved by omitting the
`--icmpv6-type` argument.

For the purpose of simpler logic and future provider compatibility we
prevent people from using the value "any" and advise them to omit/undefine
the param instead.

Include a test that somewhat duplicates the prevention of invalid strings
but would preserve this behaviour should icmp_name_to_number() ever change.
lib/puppet/type/firewall.rb
spec/unit/puppet/type/firewall_spec.rb
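
The behaviour the commit message describes, as an added Ruby sketch that is not the code in lib/puppet/type/firewall.rb: "any" is refused for both tools, and leaving the type out produces a rule with no `--icmp-type` / `--icmpv6-type` argument. `ICMP_TYPES`, `PROVIDERS`, `normalize_icmp` and `icmp_args` are hypothetical names, the type tables are small constructed subsets, and the case-insensitive matching is an assumption.

```ruby
# Added illustration, not puppetlabs-firewall code. All names are hypothetical.

# Constructed subsets of the IANA ICMP type registries, one per address family.
ICMP_TYPES = {
  iptables:  { 'echo-reply' => 0, 'destination-unreachable' => 3,
               'echo-request' => 8, 'time-exceeded' => 11 },
  ip6tables: { 'destination-unreachable' => 1, 'time-exceeded' => 3,
               'echo-request' => 128, 'echo-reply' => 129 }
}.freeze

# Protocol name and type flag used by each command-line tool.
PROVIDERS = {
  iptables:  { proto: 'icmp',   flag: '--icmp-type' },
  ip6tables: { proto: 'icmpv6', flag: '--icmpv6-type' }
}.freeze

# Returns the numeric ICMP type, or nil when no type was requested.
# Raises ArgumentError for "any" and for names missing from the table.
def normalize_icmp(provider, value)
  return nil if value.nil?
  str = value.to_s.strip.downcase
  if str == 'any'
    raise ArgumentError, 'icmp => "any" is rejected; omit the icmp param to match every type'
  end
  return str.to_i if str.match?(/\A\d+\z/)
  ICMP_TYPES.fetch(provider).fetch(str) do
    raise ArgumentError, "unknown ICMP type #{value.inspect} for #{provider}"
  end
end

# Builds the ICMP part of a rule. With no type only the protocol is emitted,
# which matches every ICMP type under both iptables and ip6tables.
def icmp_args(provider, value)
  spec = PROVIDERS.fetch(provider) { raise ArgumentError, "unknown provider #{provider.inspect}" }
  type = normalize_icmp(provider, value)
  args = ['-p', spec[:proto]]
  args += [spec[:flag], type.to_s] unless type.nil?
  args
end
```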