From 9c3b7b7b151b7ecdf5b18ebbb8967f26886d9346 Mon Sep 17 00:00:00 2001 From: Jesse Merhi <79823012+jesse-merhi@users.noreply.github.com> Date: Mon, 4 May 2026 10:52:47 +1000 Subject: [PATCH] docs: clarify IRC managed proxy coverage (#76822) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Summary: - The PR adds a changelog note plus IRC and network-proxy documentation stating that IRC raw TCP/TLS egress is outside operator-managed forward proxy routing and should be disabled unless direct egress is approved. - Reproducibility: not applicable. for this docs-only PR. Source inspection establishes the documented premise ... kets while managed proxy routing covers normal HTTP/WebSocket paths and documents raw-socket bypass limits. Automerge notes: - PR branch already contained follow-up commit before automerge: fix(clawsweeper): address review for automerge-openclaw-openclaw-7682… Validation: - ClawSweeper review passed for head 7dde35adb9b60fe30dcc171338e33107b2ed5df8. - Required merge gates passed before the squash merge. Prepared head SHA: 7dde35adb9b60fe30dcc171338e33107b2ed5df8 Review: https://github.com/openclaw/openclaw/pull/76822#issuecomment-4366671907 Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com> Co-authored-by: clawsweeper <274271284+clawsweeper[bot]@users.noreply.github.com> --- CHANGELOG.md | 1 + docs/channels/irc.md | 1 + docs/security/network-proxy.md | 1 + 3 files changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4cd2e2e358..2fd3141fb61 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ Docs: https://docs.openclaw.ai - Agents/commands: add `/steer ` for queue-independent steering of the active current-session run without starting a new turn when the session is idle. (#76934) - Tools/BTW: add `/side` as a text and native slash-command alias for `/btw` side questions. - Doctor/config: `doctor --fix` now commits safe legacy migrations even when unrelated validation issues (e.g. a missing plugin) prevent full validation from passing, so `agents.defaults.llm` and other known-legacy keys are always cleaned up by `doctor --fix` regardless of other config problems. Fixes #76798. (#76800) Thanks @hclsys. +- Docs: clarify that IRC uses raw TCP/TLS sockets outside operator-managed forward proxy routing, so direct IRC egress should be explicitly approved before enabling IRC. Thanks @jesse-merhi. - Agents/tools: skip optional media and PDF tool factories when the effective tool denylist already blocks them, avoiding unnecessary hot-path setup for tools that will be filtered out before model use. (#76773) Thanks @dorukardahan. - Discord/status: let explicit reaction tool calls opt into tracking subsequent tool progress on the reacted message with `trackToolCalls: true`, and use the shared tool display emoji table for status reactions. - Gateway/config: stop Gateway startup and hot reload from auto-restoring invalid config; invalid config now fails closed and `openclaw doctor --fix` owns last-known-good repair. diff --git a/docs/channels/irc.md b/docs/channels/irc.md index bc3b5cd7c7b..f06d6b0b6c1 100644 --- a/docs/channels/irc.md +++ b/docs/channels/irc.md @@ -39,6 +39,7 @@ openclaw gateway run ## Security defaults +- IRC uses raw TCP/TLS sockets outside OpenClaw operator-managed forward proxy routing. In deployments that require all egress through that forward proxy, set `channels.irc.enabled=false` unless direct IRC egress is explicitly approved. - `channels.irc.dmPolicy` defaults to `"pairing"`. - `channels.irc.groupPolicy` defaults to `"allowlist"`. - With `groupPolicy="allowlist"`, set `channels.irc.groups` to define allowed channels. diff --git a/docs/security/network-proxy.md b/docs/security/network-proxy.md index 49d4eb1fdb2..e8439fdc264 100644 --- a/docs/security/network-proxy.md +++ b/docs/security/network-proxy.md @@ -193,6 +193,7 @@ proxy: - The proxy improves coverage for process-local JavaScript HTTP and WebSocket clients, but it is not an OS-level network sandbox. - Raw `net`, `tls`, and `http2` sockets, native addons, and child processes may bypass Node-level proxy routing unless they inherit and respect proxy environment variables. +- IRC is a raw TCP/TLS channel outside operator-managed forward proxy routing. In deployments that require all egress through that forward proxy, set `channels.irc.enabled=false` unless direct IRC egress is explicitly approved. - User local WebUIs and local model servers should be allowlisted in the operator proxy policy when needed; OpenClaw does not expose a general local-network bypass for them. - Gateway control-plane proxy bypass is intentionally limited to `localhost` and literal loopback IP URLs. Use `ws://127.0.0.1:18789`, `ws://[::1]:18789`, or `ws://localhost:18789` for local direct Gateway control-plane connections; other hostnames route like ordinary hostname-based traffic. - OpenClaw does not inspect, test, or certify your proxy policy.