Fully ignore private IP literals as outbound connections (early return)

[Mishenevd]

Summary

Follow-up to #308. The agent records every getAllByName() argument as an outbound connection, including raw private/internal IP literals. Those come from infrastructure, not real outbound domains, and flooded the "new outbound connection" feature with private IPs on port 0.

Sources we confirmed:

• Reactor Netty (WebClient / Netty-backed RestClient) resolver bootstrap on the first client call: 0.0.0.0 and :: from io.netty.channel.epoll.Native.<clinit>, and each /etc/resolv.conf nameserver via UnixResolverDnsServerAddressStreamProvider (private on ECS: VPC resolver 10.x, 169.254.169.253, 127.0.0.53).
• Service discovery connecting by IP (10.20.x.x), and a startup library resolving RFC1918 base addresses (10.0.0.0, 172.16.0.0, ...).

The fix

DNSRecordCollector.report() returns early when the looked-up host is a private IP literal:

Set<Integer> ports = PendingHostnamesStore.getAndRemove(hostname);

if (IsPrivateIP.isPrivateIp(hostname)) {
    return;
}
// ... record hostname, outbound blocking, SSRF (unchanged) ...

#308 only skipped the HostnamesStore record but still fell through to the outbound-domain blocking check. In lockdown mode (blockNewOutgoingRequests) that would block these internal resolutions and break the app. The early return skips both the record and the block, consistent with the other Zen agents.

Behaviour

Scenario	Result
Resolve or connect to a private IP literal (getAllByName("10.20.11.143"), or Netty bootstrap resolving 0.0.0.0 / nameservers)	Fully ignored. Not recorded as an outbound connection, and not run through outbound blocking, so lockdown mode does not block it.
Private IP reached via a URL (http://10.0.0.1:8080)	URLCollector registers the pending port, then getAllByName("10.0.0.1") returns early. Nothing recorded, not blocked in lockdown, and the pending port is still consumed.
Outbound to a real domain, including internal names that resolve to a private IP (keycloak.internal...)	Unchanged. Hostname recorded, lockdown still applies, SSRF / stored-SSRF still run on the resolved IPs.
Public IP literal	Unchanged. Still recorded.

SSRF is unaffected: it never fires on an IP literal (hostname == ip is treated as "no resolution, safe"), and real domains do not hit the early return.

Tests

• testPrivateIpLiteralNotRecordedAsOutboundHostname, testPrivateIpLiteralWithPendingPortStillConsumedButNotRecorded (from Don't record private IP literals as outbound hostnames (Zen alert flood) #308) still pass.
• testPrivateIpLiteralNotBlockedInLockdownMode — a private IP literal is not blocked in lockdown mode.
• testPrivateIpLiteralViaUrlInLockdownNotBlockedNorRecorded — private IP via URL: not recorded, not blocked, pending port consumed.
• testHostnameResolvingToPrivateIpStillRecorded, testPublicIpLiteralStillRecorded confirm domains and public IPs are unaffected.

🤖 Generated with Claude Code

Summary by Aikido

Security Issues: 0	Quality Issues: 0	Resolved Issues: 0

🐛 Bugfixes

• Ignored private IP literals early to prevent recording and blocking

^{More info}