This had to be able to build on OS X before to make verify-typecheck pass, but now that that's fixed we can tag the code properly as being linux-only.
There were previously some strange iptables-rule-parsing functions that were only used by two unit tests in pkg/proxy/ipvs. Get rid of them and replace them with some much better iptables-rule-parsing functions.