Commit 8bd35ee
policy: Handle pass rules during enforcement
Handle pass rules during enforcement by skipping past the passed-over
rules when a rule with a pass verdict matches. This is more
straightforward and gets rid of precedence promotion altogether, which
is made possible by the duplication of wildcard-port rules into the
port-specific rulesets, as after that change there is no need to compare
precedences between multiple lookups. Since there is no transformation on
the rules, the applied rules have the same shape as the imported policy,
which makes debugging easier. The implementation skips over the
passed-over rules without scanning all of them so the performance should
be similar to the previous implementation.
Signed-off-by: Jarno Rajahalme <jarno@isovalent.com>
1 parent 974b051 commit 8bd35ee
2 files changed
Lines changed: 248 additions & 585 deletions