This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

Pause and retry ipset deletion if it fails the first time #3851

Merged 1 commit into weaveworks:master on Jan 18, 2021

Conversation

@NeonSludge (Contributor) commented Aug 24, 2020

There is an issue (#3847) with using both iptables in nft mode and ipset on modern kernels (for example, the ones used by CentOS 8 or Ubuntu 20.04). If an ipset is being destroyed right after deleting a referencing rule, then there is a good chance that the ipset destroy command will fail with a "Set cannot be destroyed: it is in use by a kernel component" error.

The more permanent solution would be retiring ipset and iptables-nft altogether, fully migrating to nftables and leveraging its native data types support instead of the IP sets.
This might be a lengthy process, so this PR offers a temporary solution until then: a second try after a 100ms pause that gets triggered if ipset destroy fails.
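The retry described above, written out as an added example (this is not Weave Net's own code and not the contents of the PR's commit). It wraps `ipset destroy <name>` in a small `Runner` abstraction so the retry logic can be exercised without root or a real kernel; `Runner`, `ExecRunner`, `DestroySet`, `NewFlakyRunner` and the `maxAttempts` parameter are this example's own names and assumptions. `maxAttempts` generalizes the PR's single retry; with `maxAttempts = 2` and a 100 ms pause it matches the behaviour described. Only the "in use by a kernel component" failure is retried, since any other error (a missing set, a permission problem) is not the race being worked around.

```go
package main

// Added example, not Weave Net's own code: retry `ipset destroy` once after a
// short pause when the kernel still reports the set as referenced (the
// iptables-nft / ipset race described in the PR). The Runner abstraction and
// the fake runner are assumptions so the logic runs without root or a kernel.

import (
	"errors"
	"fmt"
	"os/exec"
	"strings"
	"time"
)

// Runner executes an ipset subcommand and returns its combined stdout/stderr.
type Runner func(args ...string) ([]byte, error)

// ExecRunner shells out to the real ipset binary (requires root to destroy sets).
func ExecRunner(args ...string) ([]byte, error) {
	return exec.Command("ipset", args...).CombinedOutput()
}

// inUseMsg is the error text quoted in the PR description.
const inUseMsg = "Set cannot be destroyed: it is in use by a kernel component"

// DestroySet runs `ipset destroy <name>` up to maxAttempts times. Only the
// "in use by a kernel component" failure is treated as transient and retried
// after `pause`; any other failure is returned immediately. The number of
// attempts actually made is returned so callers can tell whether a retry happened.
func DestroySet(run Runner, name string, maxAttempts int, pause time.Duration) (int, error) {
	if maxAttempts < 1 {
		maxAttempts = 1
	}
	var lastErr error
	for attempt := 1; attempt <= maxAttempts; attempt++ {
		out, err := run("destroy", name)
		if err == nil {
			return attempt, nil
		}
		msg := strings.TrimSpace(string(out))
		lastErr = fmt.Errorf("ipset destroy %s (attempt %d/%d): %w: %s", name, attempt, maxAttempts, err, msg)
		if !strings.Contains(msg, inUseMsg) {
			// Not the race we are working around (e.g. set does not exist): fail fast.
			return attempt, lastErr
		}
		if attempt < maxAttempts {
			time.Sleep(pause)
		}
	}
	return maxAttempts, lastErr
}

// NewFlakyRunner returns a fake Runner that reports the set as in use for the
// first `failures` calls and succeeds afterwards. The output is constructed to
// mimic ipset's error; the version prefix is illustrative, not captured output.
func NewFlakyRunner(failures int) Runner {
	calls := 0
	return func(_ ...string) ([]byte, error) {
		calls++
		if calls <= failures {
			return []byte("ipset v7.1: " + inUseMsg), errors.New("exit status 1")
		}
		return nil, nil
	}
}

func main() {
	// The PR's behaviour: one retry after a 100 ms pause.
	// Swap NewFlakyRunner(1) for ExecRunner to run against a real ipset (needs root).
	attempts, err := DestroySet(NewFlakyRunner(1), "weave-example", 2, 100*time.Millisecond)
	fmt.Printf("attempts=%d err=%v\n", attempts, err)
}
```

Matching on the error text is the same heuristic the PR relies on (a failed `ipset destroy` followed by one more try); the fail-fast branch for other errors keeps a genuinely missing or unremovable set from being masked by the retry.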

@bboreham (Contributor)

Thanks! Agreed this is not ideal but will hopefully improve symptoms in the short term.

@bboreham bboreham merged commit 108f0a5 into weaveworks:master Jan 18, 2021
@bboreham bboreham added this to the 2.8.0 milestone Jan 18, 2021