Added --icmp-type 'any' (with capabilities test)

Added --icmp-type 'any' (with capabilities test)

Bug fix for recent versions of iptables (such as 1.4.12) where the icmp
match requires --icmp-type to be set - some Snort rules look for a string
to match in icmp traffic, but don't also specify an icmp type.