Hi, I'm looking to deploy Shadowsocks as I need an authenticating socks5 proxy. I was just wondering if is possible to block what targets the proxy clients can connect to. In particular, I'm worried that should someone compromise the socks5 client they could leverage it to connect to other internal VLANs that opnsense can see.
The question is can I block socks5 clients from connecting to RFC1918 networks?