GH-1019: deprecate icmp_conn params for ICMP events

Previously, a single `icmp_conn` record was built per ICMP "connection"
and re-used for all events generated from it.  This may have been a
historical attempt at performance optimization, but:

  * By default, Zeek does not load any scripts that handle ICMP events.

  * The one script Zeek ships with that does handle ICMP events,
    "detect-traceroute", is already noted as being disabled due to
    potential performance problems of doing that kind of analysis.

  * Re-use of the original `icmp_conn` record tends to misreport
    TTL and length values since they come from original packet instead
    of the current one.

  * Even if we chose to still re-use `icmp_conn` records and just fill
    in a new TTL and length value each packet, a user script could have
    stored a reference to the record and not be expecting those values
    to be changed out from underneath them.

Now, a new `icmp_info` record is created/populated in all ICMP events
and should be used instead of `icmp_conn`.  It also removes the
orig_h/resp_h fields as those are redundant with what's already
available in the connection record.

scripts/base/init-bare.zeek

@@ -188,6 +188,19 @@ type icmp_conn: record {
 	v6: bool;	##< True if it's an ICMPv6 packet.
 };
 
+## Specifics about an ICMP conversation/packet.
+## ICMP events typically pass this in addition to :zeek:type:`conn_id`.
+##
+## .. zeek:see:: icmp_echo_reply icmp_echo_request icmp_redirect icmp_sent
+##    icmp_time_exceeded icmp_unreachable
+type icmp_info: record {
+	v6: bool;      ##< True if it's an ICMPv6 packet.
+	itype: count;  ##< The ICMP type of the current packet.
+	icode: count;  ##< The ICMP code of the current packet.
+	len: count;    ##< The length of the ICMP payload.
+	ttl: count;    ##< The encapsulating IP header's TTL (IPv4) or Hop Limit (IPv6).
+};
+
 ## Packet context part of an ICMP message. The fields of this record reflect the
 ## packet that is described by the context.
 ##