Add setFirewallChainEnabled API

To deprecated firewallEnableChildChain netd binder and move the
functionality to tethering (connectivity) mainline module, expose
setFirewallChainEnabled to support the caller outside the module.
Currently the API are still call to netd. Will replace with the
implementation inside tethering (connectivity) module.

Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I9b64c9d12260521489a87fbeae5afbee2a8ea8f6

framework/src/android/net/ConnectivityManager.java

@@ -5660,4 +5660,26 @@ public class ConnectivityManager {
             throw e.rethrowFromSystemServer();
         }
     }
+
+    /**
+     * Enables or disables the specified firewall chain.
+     *
+     * @param chain target chain.
+     * @param enable whether the chain should be enabled.
+     * @throws IllegalStateException if set firewall chain failed.
+     * @hide
+     */
+    @SystemApi(client = MODULE_LIBRARIES)
+    @RequiresPermission(anyOf = {
+            android.Manifest.permission.NETWORK_SETTINGS,
+            android.Manifest.permission.NETWORK_STACK,
+            NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK
+    })
+    public void setFirewallChainEnabled(@FirewallChain final int chain, final boolean enable) {
+        try {
+            mService.setFirewallChainEnabled(chain, enable);
+        } catch (RemoteException e) {
+            throw e.rethrowFromSystemServer();
+        }
+    }
 }