check_bandwidth uses sudo tcpdump instead of checking kernel counters
Seems it would make much more sense not to use a one-time snapshot of tcpdump data on a hardcoded interface, but rather to set up some basic iptables rules to measure the same thing continuously, and then read those counters periodically.
The only thing I could imagine not working is the iptables basic TCP match being too slow for the machines, but then, that's a problem in and of itself because it probably makes fail2ban and similar things untenable as well.
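A sketch of the periodic counter read proposed above, as an added example that is not part of the original report or of check_bandwidth itself: it parses two `iptables-save -c` snapshots and turns the byte-counter deltas into bits per second, treating a counter that went backwards (rules flushed, reboot) as "no data" instead of a negative rate. The chain name `BW_ACCT`, the `bw:` comment labels and both snapshots are assumptions constructed for illustration.

```python
import re
from typing import Dict, Optional

# Constructed snapshots of `iptables-save -c`, taken 60 s apart.
# BW_ACCT and the "bw:" labels are hypothetical names for accounting rules
# that have no target (-j), so they only count matching packets.
SAMPLE_T0 = """\
*filter
:INPUT ACCEPT [0:0]
:BW_ACCT - [0:0]
[1200:96000] -A INPUT -j BW_ACCT
[1000:80000] -A BW_ACCT -p tcp -m tcp --dport 443 -m comment --comment "bw:https"
[200:16000] -A BW_ACCT -p tcp -m tcp --dport 22 -m comment --comment "bw:ssh"
COMMIT
"""
SAMPLE_T1 = """\
*filter
:INPUT ACCEPT [0:0]
:BW_ACCT - [0:0]
[9000:834000] -A INPUT -j BW_ACCT
[8950:830000] -A BW_ACCT -p tcp -m tcp --dport 443 -m comment --comment "bw:https"
[50:4000] -A BW_ACCT -p tcp -m tcp --dport 22 -m comment --comment bw:ssh
COMMIT
"""

# "[packets:bytes] -A CHAIN ... --comment LABEL"; the label may or may not be quoted.
RULE_RE = re.compile(r'^\[(\d+):(\d+)\] -A (\S+) .*--comment "?(bw:[^"\s]+)"?')


def parse_counters(save_output: str, chain: str = "BW_ACCT") -> Dict[str, int]:
    """Return {label: byte_count} for labelled rules in the accounting chain."""
    counters = {}
    for line in save_output.splitlines():
        m = RULE_RE.match(line)
        if m and m.group(3) == chain:
            counters[m.group(4)] = int(m.group(2))
    return counters


def rates_bps(prev: Dict[str, int], curr: Dict[str, int],
              interval_s: float) -> Dict[str, Optional[float]]:
    """Bits per second per label; None when the delta cannot be trusted."""
    if interval_s <= 0:
        raise ValueError("interval must be positive")
    out = {}
    for label, now in curr.items():
        before = prev.get(label)
        if before is None or now < before:  # new rule, or counters were reset
            out[label] = None
        else:
            out[label] = (now - before) * 8 / interval_s
    return out
```

A check built on this would keep the previous snapshot and its timestamp in a state file and compare each rate against its warning and critical thresholds on the next run.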