Add a Config option to disable forwarding

Private nodes should never accept a forwarded HTLC. Sure, there should be no reason anyone would ever want to forward through one either, but we currently don't have a config option to reject them which we should as they can have security implications.