Change attribute bind_nat to attributes nat_in and nat_out

[hknutzen]

Currently we use attribute "bind_nat = tag1, ...;" to bind a list of NAT tags to an interface.
Binding means:
If packets leave this interface, then NAT defined by "nat:tag1" is applied.

For a router with many interfaces and the case that NAT is applied to all but one interface,
it becomes laborious to add bind_nat to many interfaces.

We should offer two modes of applying NAT:

1. "nat_out" takes the role of current "bind_nat"
2. "nat_in = t1, ...;" at an interface means:
   If a packets enters this interface, then NAT defined by "nat:t1" is applied at each interface without "nat_in = t1".

Approach:

• Store values of nat_in at new attribute "natIncoming" of interface.
• Add values of nat_in to nat_out.
• Show an error if a NAT tag is used at both nat_in and nat_out at the same router.
• Error messages which mention "nat_out" must be changed to show the original attribute "nat_in".
  E.g. "tag1 (from nat_in)"