
fix(sandbox): block direct inet sockets in proxy mode #349

Closed
drew wants to merge 1 commit into NVIDIA:main from vincentkoc:codex/fix-proxy-mode-seccomp-vulnerability

Collaborator

@drew drew commented Mar 16, 2026

Motivation

  • The Linux seccomp setup previously treated NetworkMode::Proxy as allowing AF_INET/AF_INET6 socket creation, which lets sandboxed processes open direct IPv4/IPv6 sockets and bypass the proxy allowlist enforcement.
  • The intent is to enforce proxy-only egress in non-Allow modes, so seccomp must block inet socket domains whenever seccomp network filtering is active.

Description

  • Removed the proxy-dependent allow_inet branch and simplified build_filter to unconditionally include AF_INET and AF_INET6 in the blocked socket domains when seccomp is applied in non-Allow modes.
  • Updated apply to call the new build_filter() signature and preserved the early return for NetworkMode::Allow so existing Allow behavior remains unchanged.
  • Change is localized to crates/openshell-sandbox/src/sandbox/linux/seccomp.rs and is scoped to the minimal set of edits required to remediate the bypass.

Testing

  • Ran cargo fmt --all -- --check which passed.
  • mise run pre-commit failed in this environment due to local tool resolution and mise.toml trust/remote resolution warnings.
  • cargo test -p openshell-sandbox and cargo check -p openshell-sandbox --lib were started but were long-running / blocked by heavy dependency compilation in this environment and could not be completed end-to-end here.

Codex Task

@drew added the integration:aardvark (Aardvark integration) and integration:codex (Codex integration) labels on Mar 16, 2026
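
The filter decision described in the PR description above, modeled as an added example (not code from this PR or from openshell-sandbox): it builds a classic-BPF program for socket(2) from the blocked-domain list and evaluates it with a small interpreter, with `legacy = true` reproducing the removed allow_inet branch. The `Block` variant, AF_NETLINK as an always-blocked domain, the x86_64 syscall number, and all function signatures are assumptions.

```rust
// Added illustration, not openshell-sandbox code. Linux x86_64 values.
pub const SYS_SOCKET: u32 = 41;
pub const AF_INET: u32 = 2;
pub const AF_INET6: u32 = 10;
pub const AF_NETLINK: u32 = 16; // assumed to be blocked in every filtered mode
pub const ALLOW: u32 = 0x7fff_0000; // SECCOMP_RET_ALLOW
pub const DENY: u32 = 0x0005_0000 | 1; // SECCOMP_RET_ERRNO | EPERM
#[derive(Clone, Copy, PartialEq)]
pub enum NetworkMode { Allow, Proxy, Block } // Block is an assumed variant
#[derive(Clone, Copy)]
pub struct Insn { code: u16, jt: u8, jf: u8, k: u32 } // mirrors struct sock_filter

/// Domains denied for socket(2); `legacy` reproduces the removed allow_inet branch.
pub fn blocked_domains(mode: NetworkMode, legacy: bool) -> Vec<u32> {
    if legacy && mode == NetworkMode::Proxy { return vec![AF_NETLINK]; }
    vec![AF_NETLINK, AF_INET, AF_INET6]
}

/// cBPF: load nr, skip to ALLOW unless socket(2), load args[0] (offset 16), then one
/// jeq per domain that jumps to DENY. A real filter also checks seccomp_data.arch.
pub fn build_filter(blocked: &[u32]) -> Vec<Insn> {
    let n = blocked.len() as u8;
    let ins = |code, jt, jf, k| Insn { code, jt, jf, k };
    let mut p = vec![ins(0x20, 0, 0, 0), ins(0x15, 0, n + 1, SYS_SOCKET), ins(0x20, 0, 0, 16)];
    p.extend(blocked.iter().enumerate().map(|(i, &d)| ins(0x15, n - i as u8, 0, d)));
    p.extend([ins(0x06, 0, 0, ALLOW), ins(0x06, 0, 0, DENY)]);
    p
}

/// Interpreter for the three opcodes above over (nr, low 32 bits of args[0]).
pub fn run(prog: &[Insn], nr: u32, arg0: u32) -> u32 {
    let (mut pc, mut acc) = (0usize, 0u32);
    loop {
        let i = prog[pc];
        pc += 1;
        match i.code {
            0x20 => acc = if i.k == 0 { nr } else { arg0 },
            0x15 => pc += usize::from(if acc == i.k { i.jt } else { i.jf }),
            _ => return i.k, // 0x06: ret k
        }
    }
}
/// Verdict for socket(domain); None in Allow mode, where no filter is installed.
pub fn socket_verdict(mode: NetworkMode, legacy: bool, domain: u32) -> Option<u32> {
    if mode == NetworkMode::Allow { return None; }
    Some(run(&build_filter(&blocked_domains(mode, legacy)), SYS_SOCKET, domain))
}

fn main() { println!("{:x?}", socket_verdict(NetworkMode::Proxy, false, AF_INET)); }
```

A regression test for this class of bug asserts the verdict per mode and per domain, so a reintroduced mode-dependent exception for AF_INET/AF_INET6 fails immediately.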
@github-actions

Thank you for your submission! We ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by adding a comment below using this text:


I have read the DCO document and I hereby sign the DCO.


You can retrigger this bot by commenting recheck in this Pull Request. Posted by the DCO Assistant Lite bot.

@johntmyers
Collaborator

Closing in favor of consolidated re-implementation. See #350 for tracking.
