Feature Request
Problem
When Chinese users (and many others) use a TUN mode proxy (V2RayN, Clash, etc.), the DNS resolver returns Fake-IP addresses (e.g., 198.18.x.x, 127.0.0.1) for all domains. This is a standard transparent proxy behavior.
When using web_fetch to access any URL in this scenario, it fails with:
[tools] web_fetch failed: Blocked: resolves to private/internal/special-use IP address raw_params={"url":"https://example.com"}
This is because web_fetch has a hardcoded SSRF protection that blocks all private/internal IPs. While this is a valid security measure, it completely breaks web_fetch for anyone using TUN mode — a very common setup in regions with restricted internet access.
Why existing workarounds don't work
- Changing DNS settings in the proxy — doesn't help because TUN mode intercepts all DNS at the network layer.
- Using
curl instead — works as a workaround, but defeats the purpose of having a built-in web_fetch tool.
- Setting
allowPrivateNetwork in config — this config option doesn't exist yet for web_fetch (unlike the browser tool which has ssrfPolicy).
Related Issues (unresolved)
Multiple users have reported this, but there's still no working solution.
Proposed Solutions
Option A (Preferred): Add a config option like tools.web.fetch.allowPrivateNetwork or tools.web.fetch.ssrfPolicy to let users opt-in to private IP access.
Option B: Detect when the Fake-IP range (198.18.0.0/15) is being used and apply a different resolution strategy (e.g., resolve through the proxy's DNS chain).
Option C: Document a reliable workaround for TUN mode users.
Environment
- OpenClaw version: Latest
- Proxy: V2RayN / Clash in TUN mode
- OS: Windows / Linux / macOS
- DNS: Fake-IP mode
Impact
This affects millions of users in China and other regions who rely on TUN proxies for daily internet access. The current web_fetch tool is essentially unusable for them when TUN is active.
Feature Request
Problem
When Chinese users (and many others) use a TUN mode proxy (V2RayN, Clash, etc.), the DNS resolver returns Fake-IP addresses (e.g.,
198.18.x.x,127.0.0.1) for all domains. This is a standard transparent proxy behavior.When using
web_fetchto access any URL in this scenario, it fails with:This is because
web_fetchhas a hardcoded SSRF protection that blocks all private/internal IPs. While this is a valid security measure, it completely breaksweb_fetchfor anyone using TUN mode — a very common setup in regions with restricted internet access.Why existing workarounds don't work
curlinstead — works as a workaround, but defeats the purpose of having a built-inweb_fetchtool.allowPrivateNetworkin config — this config option doesn't exist yet forweb_fetch(unlike the browser tool which hasssrfPolicy).Related Issues (unresolved)
allowPrivateNetworkconfig requestssrfPolicy.dangerouslyAllowPrivateNetworkrequestssrfPolicyconfig requestallowRfc2544BenchmarkRangeconfig requestMultiple users have reported this, but there's still no working solution.
Proposed Solutions
Option A (Preferred): Add a config option like
tools.web.fetch.allowPrivateNetworkortools.web.fetch.ssrfPolicyto let users opt-in to private IP access.Option B: Detect when the Fake-IP range (
198.18.0.0/15) is being used and apply a different resolution strategy (e.g., resolve through the proxy's DNS chain).Option C: Document a reliable workaround for TUN mode users.
Environment
Impact
This affects millions of users in China and other regions who rely on TUN proxies for daily internet access. The current
web_fetchtool is essentially unusable for them when TUN is active.