Run iptables -w check against a usually small chain

The iptablesw check, that's just looking for whether -w is supported or
not, previousely caused iptables to list all rules, each time you do
a shorewall check or shorewall start/reload. That might be quite
a lot, depending on the amount of rules you have. It is also no
necessary to parse each rule just to check for -w. Let's switch to the
usually much smaller INPUT chain, to reduce the overhead

Shorewall/Perl/Shorewall/Config.pm

@@ -5818,7 +5818,7 @@ sub get_capabilities($)
     #
     # Determine if iptables supports the -w option
     #
-    $iptablesw = qt1( "$iptables -w -L -n") ? '-w' : '';
+    $iptablesw = qt1( "$iptables -w -n -L INPUT") ? '-w' : '';
 
     my $iptables_restore=$iptables . '-restore';