Prevent attempts to configure proxies or transports on non-local addresses (or warn loudly?)

Right now, you can configure unmanaged transports and socks/dns listeners on non-localhost addresses.

That's a pretty bad idea, and we ought at least to warn about it. Conceivably we should reject it completely unless the user sets an i_know_what_im_doing option.

(Reasons not to reject these configurations might include cases where someone is doing something tricky using VMs and private networks.)

We should also verify that managed transports tell us localhost addresses only.