Add Dockerfile and README for deploying probetest

The easiest way to set up the probe server behind a symmetric NAT is to
deploy it as a Docker container and alter the iptables rules for the
Docker network subnet that the container runs in.

probetest/README.md

@@ -0,0 +1,44 @@
+This is code for a remote probe test component of Snowflake.
+
+### Overview
+
+This is a probe test server to allow proxies to test their compatability
+with Snowflake. Right now the only type of test implemented is a
+compatability check for clients with symmetric NATs.
+
+### Running your own
+
+The server uses TLS by default.
+There is a `--disable-tls` option for testing purposes,
+but you should use TLS in production.
+
+To build the probe server, run
+```go build```
+
+To deploy the probe server, first set the necessary env variables with
+```
+export HOSTNAMES=${YOUR HOSTNAMES}
+export EMAIL=${YOUR EMAIL}
+```
+then run ```docker-compose up```
+
+Setting up a symmetric NAT configuration requires a few extra steps. After
+upping the docker container, run
+```docker inspect snowflake-probetest```
+to find the subnet used by the probetest container. Then run
+```sudo iptables -L -t nat``` to find the POSTROUTING rules for the subnet.
+It should look something like this:
+```
+Chain POSTROUTING (policy ACCEPT)
+target     prot opt source               destination
+MASQUERADE  all  --  172.19.0.0/16        anywhere
+```
+to modify this rule, execute the command
+```sudo iptables -t nat -R POSTROUTING $RULE_NUM -s 172.19.0.0/16 -j MASQUERADE --random```
+where RULE_NUM is the numbered rule corresponding to your docker container's subnet masquerade rule.
+Afterwards, you should see the rule changed to be:
+```
+Chain POSTROUTING (policy ACCEPT)
+target     prot opt source               destination
+MASQUERADE  all  --  172.19.0.0/16        anywhere      random
+```