Problem

Users behind certain proxy tools (e.g., Shadowrocket in fake-ip mode on iOS/macOS) experience all DNS resolutions mapping to private IP ranges like 198.18.x.x. This triggers OpenClaw's SSRF protection, blocking web_fetch and web_search tools from accessing any external domain.

The recent fix in src/telegram/bot/delivery.ts (adding allowedHostnames: ["api.telegram.org"]) elegantly solved this for Telegram media downloads. However, other tools (web_fetch, web_search) still fail because they have no such allowlist.

Proposed Solution

Add a user-configurable ssrf.allowedHostnames field in the gateway config:

{
  "ssrf": {
    "allowedHostnames": [
      "api.search.brave.com",
      "github.com",
      "raw.githubusercontent.com"
    ]
  }
}

When a hostname is in this allowlist, skip the private-network IP check (same logic as TELEGRAM_MEDIA_SSRF_POLICY in delivery.ts).

Why Not Just Fix the Proxy?

• Some proxy configurations are not fully user-controllable
• DNS-based fake-ip is a common pattern in China and other regions with network restrictions
• A configurable allowlist gives users a safe, targeted escape hatch without disabling SSRF protection entirely

Current Workaround

Using exec + curl bypasses SSRF checks since it runs via the system shell, but this loses the clean markdown extraction and safety guarantees of web_fetch.

Environment

• macOS (Apple Silicon)
• Shadowrocket proxy with fake-ip mode
• OpenClaw latest (post-commit ed3412963)