openclaw - 💡(How to fix) Fix [Feature]: Allow configuring SSRF policy for web_fetch (allowRfc2544BenchmarkRange) [1 comment, 2 participants]

GitHub stats: openclaw/openclaw#63144, fetched 2026-04-09 07:57:52. Comments: 1 · Participants: 2 · Timeline: 1 · Reactions: 1


Summary

Allow users to configure the SSRF guard policy for web_fetch via openclaw.json, specifically the ability to whitelist RFC 2544 benchmark ranges (198.18.0.0/15) which are commonly used as "fake IP" addresses by transparent DNS proxies (e.g. Tailscale, Clash, OpenClash).

Problem to solve

When a transparent DNS proxy (fake-IP mode) resolves all DNS queries to addresses in the 198.18.0.0/15 range, web_fetch fails with:

Blocked: resolves to private/internal/special-use IP address

This affects users running OpenClaw behind routers/proxies with fake-IP DNS (very common in China and other regions). The entire web_fetch tool becomes unusable for any overseas domain.

Root cause analysis

  • web_fetch calls fetchWithWebToolsNetworkGuard() without passing a custom ssrfPolicy
  • This defaults to strict mode where allowRfc2544BenchmarkRange is false
  • isBlockedSpecialUseIpv4Address() in ip-9u9YJphw.js line 158 returns true for 198.18.x.x unless allowRfc2544BenchmarkRange === true

Note: WEB_TOOLS_TRUSTED_NETWORK_SSRF_POLICY (with allowRfc2544BenchmarkRange: true) already exists in web-shared-CGUlqLIo.js line 263 but is only used by withTrustedWebToolsEndpoint(), which web_fetch does not call.

Proposed solution

Add a config option in openclaw.json under tools.web.fetch:

{
  "tools": {
    "web": {
      "fetch": {
        "ssrfPolicy": {
          "allowRfc2544BenchmarkRange": true
        }
      }
    }
  }
}

Implementation: In the web_fetch tool handler (pi-embedded-yhO3edNd.js ~line 16158), read the SSRF policy from config and pass it to fetchWithWebToolsNetworkGuard():

const ssrfPolicy = config.tools?.web?.fetch?.ssrfPolicy;
const result = await fetchWithWebToolsNetworkGuard({
  url: params.url,
  maxRedirects: params.maxRedirects,
  timeoutSeconds: params.timeoutSeconds,
  lookupFn: params.lookupFn,
  policy: ssrfPolicy, // NEW: pass user-configured SSRF policy
  init: { ... }
});

This would allow users who know they're behind a fake-IP proxy to opt in to allowing 198.18.x.x ranges, while keeping the default secure behavior unchanged.

Alternatives considered

  1. Always use withTrustedWebToolsEndpoint for web_fetch — Too permissive, also enables env proxy
  2. Disable fake-IP in router — Not always possible (shared network, ISP-level)
  3. External DoH-based fetch workaround — Works but lacks SSRF protection, skips cert verification, and doesn't integrate with OpenClaw's caching/proxy infrastructure

Impact

  • Affected: Users behind transparent DNS proxies (fake-IP mode), particularly common in China with OpenClash/Tailscale
  • Severity: Blocks workflow — web_fetch completely broken for overseas domains
  • Frequency: Always affected when fake-IP DNS is active

Additional information

  • Must remain backward-compatible: default behavior should stay strict (block 198.18.x.x)
  • Only users who explicitly set allowRfc2544BenchmarkRange: true should be affected
  • Consider documenting this option in the web_fetch tool description when enabled
  • Environment: OpenClaw v2026.4.7 on Kali GNU/Linux Rolling

Extent analysis

TL;DR

To fix the web_fetch issue behind transparent DNS proxies, add a configuration option to openclaw.json to allow the RFC 2544 benchmark range.

Guidance

  • Add the following configuration to openclaw.json:

        {
          "tools": {
            "web": {
              "fetch": {
                "ssrfPolicy": {
                  "allowRfc2544BenchmarkRange": true
                }
              }
            }
          }
        }

  • Update the web_fetch tool handler to read the SSRF policy from the configuration and pass it to fetchWithWebToolsNetworkGuard().
  • Verify that web_fetch can successfully fetch overseas domains after applying the configuration change.
  • Consider documenting the new configuration option in the web_fetch tool description.

Example

The updated web_fetch tool handler code would look like this:

const ssrfPolicy = config.tools?.web?.fetch?.ssrfPolicy;
const result = await fetchWithWebToolsNetworkGuard({
  url: params.url,
  maxRedirects: params.maxRedirects,
  timeoutSeconds: params.timeoutSeconds,
  lookupFn: params.lookupFn,
  policy: ssrfPolicy,
  init: { ... }
});
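As an added worked example (not OpenClaw's code and not the issue author's), the following JavaScript models the mechanism described in the issue's root cause analysis and proposed solution, and in the guidance just given: a strict default policy, a resolver that merges the user's tools.web.fetch.ssrfPolicy over that default while honouring only known boolean keys, and a special-use IPv4 check in which the opt-in releases 198.18.0.0/15 and nothing else. Only allowRfc2544BenchmarkRange, isBlockedSpecialUseIpv4Address and lookupFn are names from the page; the policy resolver, CIDR helpers, verdict shape and the fake-IP resolver are assumptions constructed for the example.

```javascript
// Added example, not OpenClaw's code: a minimal model of a web-fetch SSRF guard
// with a configurable policy. Only `allowRfc2544BenchmarkRange`,
// `isBlockedSpecialUseIpv4Address` and `lookupFn` come from the issue; every
// other name here is an assumption about how such a guard could be structured.

// Strict default: all special-use ranges blocked, including 198.18.0.0/15.
const STRICT_SSRF_POLICY = Object.freeze({ allowRfc2544BenchmarkRange: false });

// Merge the user's tools.web.fetch.ssrfPolicy over the strict default. Only
// known keys with boolean values are honoured, so a typo or a string "true"
// in openclaw.json cannot silently widen the policy.
function resolveSsrfPolicy(config) {
  const user = config?.tools?.web?.fetch?.ssrfPolicy ?? {};
  const policy = { ...STRICT_SSRF_POLICY };
  for (const key of Object.keys(STRICT_SSRF_POLICY)) {
    if (typeof user[key] === "boolean") policy[key] = user[key];
  }
  return policy;
}

// Dotted-quad IPv4 -> unsigned 32-bit integer, or null when malformed.
function ipv4ToInt(ip) {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True when the integer address falls inside the given CIDR block.
function inCidr(ipInt, cidr) {
  const [base, bits] = cidr.split("/");
  const mask = Number(bits) === 0 ? 0 : (0xffffffff << (32 - Number(bits))) >>> 0;
  return ((ipInt & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0);
}

// Ranges a web-fetch tool must never reach regardless of policy: loopback,
// RFC 1918, link-local (cloud metadata lives here), CGNAT, TEST-NETs, multicast.
const ALWAYS_BLOCKED = [
  "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
  "172.16.0.0/12", "192.0.0.0/24", "192.0.2.0/24", "192.168.0.0/16",
  "198.51.100.0/24", "203.0.113.0/24", "224.0.0.0/4", "240.0.0.0/4",
];
// RFC 2544 benchmark range: blocked by default, released only by explicit opt-in.
const RFC2544_BENCHMARK = "198.18.0.0/15";

function isBlockedSpecialUseIpv4Address(ip, policy = STRICT_SSRF_POLICY) {
  const n = ipv4ToInt(ip);
  if (n === null) return true; // unparseable input: fail closed
  if (ALWAYS_BLOCKED.some((cidr) => inCidr(n, cidr))) return true;
  if (inCidr(n, RFC2544_BENCHMARK)) return !policy.allowRfc2544BenchmarkRange;
  return false;
}

// Apply the policy to every resolved address; one blocked address rejects the
// whole fetch, which is why a fake-IP resolver trips the strict guard.
function checkAddressesAgainstPolicy(hostname, addrs, policy) {
  if (addrs.length === 0) return { ok: false, reason: `Blocked: ${hostname} did not resolve` };
  const blocked = addrs.filter((a) => isBlockedSpecialUseIpv4Address(a, policy));
  if (blocked.length > 0) {
    return { ok: false, reason: "Blocked: resolves to private/internal/special-use IP address", blocked };
  }
  return { ok: true, addrs };
}

// Async wrapper in the shape the issue describes: lookupFn is injected so the
// guard is testable offline; a real handler would pass its DNS resolver here.
async function checkUrlAgainstPolicy(url, policy, lookupFn) {
  const { hostname } = new URL(url);
  const verdict = checkAddressesAgainstPolicy(hostname, await lookupFn(hostname), policy);
  if (!verdict.ok) throw new Error(verdict.reason);
  return verdict.addrs;
}

// Constructed resolver mimicking a transparent DNS proxy in fake-IP mode.
const fakeIpLookup = async () => ["198.18.0.7"];

async function demo() {
  const strict = resolveSsrfPolicy({});
  const optIn = resolveSsrfPolicy({
    tools: { web: { fetch: { ssrfPolicy: { allowRfc2544BenchmarkRange: true } } } },
  });
  const out = {};
  try {
    await checkUrlAgainstPolicy("https://example.com/", strict, fakeIpLookup);
    out.strict = "allowed";
  } catch (e) {
    out.strict = e.message; // the "Blocked: resolves to ..." message from the issue
  }
  out.optIn = await checkUrlAgainstPolicy("https://example.com/", optIn, fakeIpLookup);
  // The opt-in must not widen anything else: loopback and metadata stay blocked.
  out.loopbackStillBlocked = isBlockedSpecialUseIpv4Address("127.0.0.1", optIn);
  out.metadataStillBlocked = isBlockedSpecialUseIpv4Address("169.254.169.254", optIn);
  return out;
}

demo().then((out) => console.log(out));
```

The design point worth carrying into a real implementation is the narrowness of the relaxation: the user-facing option flips exactly one range from blocked to allowed, the resolver ignores unknown keys and non-boolean values, and every other special-use range (including the link-local block where cloud metadata endpoints live) stays unreachable whether or not the option is set.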

Notes

This solution assumes that the openclaw.json configuration file is properly read and applied by the OpenClaw application. Additionally, this change should only affect users who explicitly set allowRfc2544BenchmarkRange: true in their configuration.

Recommendation

Apply the proposed workaround by adding the configuration option to openclaw.json and updating the web_fetch tool handler. This solution allows users to opt in to allowing the RFC 2544 benchmark range while keeping the default secure behavior unchanged.
