ExitPolicy should apply to already established outbound connections (with a config option, off by default)

To reduce the impact of tor running out of free TCP source ports (see pending comment in #26646) we added a reject entry for the destination causing most outbound TCP connections to the ExitPolicy and restarted tor.

ExitPolicy reject 1.2.3.4:*  <<<< added to avoid outbound connections to this target
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy reject *:*

Expected: Tor should not create any connections to 1.2.3.4

Even after changing the torrc and restarting tor we see established TCP connections to 1.2.3.4, this is unexpected.