Netstack (#1403)

Add netstack support for the agent to run it without privileges.

- use interface for tun device
- use common IPC for userspace WireGuard integration
- move udpmux creation and sharedsock to tun layer

iface/iface_create.go

@@ -0,0 +1,20 @@
+//go:build !android
+// +build !android
+
+package iface
+
+// Create creates a new Wireguard interface, sets a given IP and brings it up.
+// Will reuse an existing one.
+// this function is different on Android
+func (w *WGIface) Create() error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+
+	cfgr, err := w.tun.Create()
+	if err != nil {
+		return err
+	}
+
+	w.configurer = cfgr
+	return nil
+}