[Feature]: Add ACL "family" field (IPv4 / IPv6 / Dual)

[pheus]

NetBox version

v4.4.1

Feature type

Change to existing model

Proposed functionality

Summary
Introduce an explicit family field on the AccessList model to scope lists to IPv4, IPv6, or Dual. Enforce per‑ACLRule validation so match criteria align with the ACL’s family. Expose the family in the UI/API and add list filters to improve discoverability and data quality.

Data model changes

• AccessList
  • New field: family (choices): ipv4, ipv6, dual (default: ipv4).
• ACLRule (no schema change required for this FR)
  • Validation will ensure an ACL Rule’s source/destination and protocol fields are compatible with the parent ACL’s family.
  • For dual, allow either IPv4 or IPv6 per ACL Rule, but a single ACL Rule must not mix families.

Validation & behavior

• Creating/editing an ACL Rule under an ipv4 ACL requires IPv4 inputs/objects; similarly for ipv6.
• Under dual, IPv4 and IPv6 ACL Rules may coexist; raise a validation error if an individual ACL Rule mixes v4 and v6 criteria.
• Display Family on ACL list/detail pages; add filter chips (IPv4, IPv6, Dual).

API/serialization

• Include family in ACL serializers and REST filters (e.g., ?family=ipv6).

Migration plan

1. Schema migration: add ACL.family with default dual.
2. Optional helper: detect families by scanning existing ACL Rules (ipv6 if only v6; dual if both; else ipv4).

Testing

• Validator tests: reject v6 ACL Rule under an ipv4 ACL and vice versa; allow either under dual.

Use case

• Improves modeling accuracy and searchability for environments that maintain separate IPv4 vs IPv6 rulebases or combined (dual‑stack) policy sets.
• Prevents configuration drift and data entry mistakes by enforcing family consistency.
• Enables more precise vendor mappers and reports (e.g., inventory of v6‑only ACLs).

External dependencies

• None