Update ecn tunneling functions to follow RFC 6040.
Add ECN_COMPLETE to support dangerous packet reporting
without causing extra cost to existing caller functions.

Update ECN_ALLOWED updated to follow the MUST requirements of RFC 6040.

Consumers can choose between ECN_COMPLETE and ECN_ALLOWED
based on their requirements.

Update IPv6 wrappers to use IPV6_FLOWLABEL_LEN to guide other developers.

Finally, return values are specified as macro to reduce
confusion, considering extra return values for ECN_WARN
and ECN_ALARM were added.

Note: these changes are necessary for the geneve (RFC 8926)
implementation.

I used scapy to verify expected results.
Below is a sample Scapy packet creation for ECN_DROP:

"IPv6(src='SRC_TUNNEL', dst='DST_TUNNEL', tc=3)/UDP(dport=6081,
    sport=54123)/GENEVE(proto=2048, vni=23)/IP(src='SRC_HOST',
    dst='DST_HOST', tos=0)/ICMP(type=8)"

You can test it with existing tunnel drivers that support ECN
such as gif(4) by applying IFF_LINK1 to make it ECN friendly.