Changelog

New: Configurable upstream DNS resolver

When iron-proxy owns the system DNS - for example, running in a GitHub Action where all OS DNS is redirected to the proxy - upstream HTTP connections would loop back through the proxy's own resolver. The new dns.upstream_resolver setting gives the proxy a dedicated resolver for both passthrough DNS queries and upstream HTTP dials, breaking the loop.

If upstream_resolver is not set, behavior is unchanged: the OS default resolver is used.

Configuration

dns:
  listen: ":53"
  proxy_ip: "10.16.0.1"
  upstream_resolver: "8.8.8.8:53"

The resolver is used in two places:

1. DNS passthrough queries: domains matching passthrough patterns are forwarded to the upstream resolver instead of the OS default.
2. Upstream HTTP connections: when the proxy dials upstream servers, it resolves their hostnames via the upstream resolver, avoiding a loop through its own DNS.

New: gRPC Transform API

iron-proxy now supports delegating request/response handling to external gRPC servers via a new grpc transform. Build custom policy engines, request loggers, or body rewriters as standalone services and plug them into the pipeline.

  transforms:
    - name: grpc
      config:
        name: "policy-engine"
        target: "localhost:9500"
        send_request_body: true
        send_response_body: true
        rules:
          - host: "api.openai.com"
            methods: ["POST"]
            paths: ["/v1/*"]

Features:

• One server per transform entry. Chain multiple gRPC backends by adding multiple entries. They run in pipeline order.
• Selective routing via rules. Same host/CIDR/methods/paths syntax as the allowlist. Requests that don't match skip the gRPC call entirely.
• Body control. send_request_body and send_response_body opt in to forwarding bodies over gRPC. Bodies are capped by the global max_request_body_bytes / max_response_body_bytes settings.
• TLS support. Plaintext by default; enable TLS with optional custom CA and mTLS client certs via tls.enabled, tls.ca_cert, tls.cert, tls.key.

The proto schema lives in proto/transform/v1/transform.proto. Generated Go code is in gen/transform/v1/. Codegen uses https://buf.build.

Other changes

• Global body buffer limits. New proxy.max_request_body_bytes (default 1 MiB) and proxy.max_response_body_bytes (default uncapped) control how much transforms can buffer. Bodies are buffered incrementally as transforms read them and automatically rewound between pipeline stages.
• Streaming response writes. Response bodies are no longer fully buffered into memory before writing to the client. The proxy streams directly from the buffer and then the upstream connection.

New: Method and path matching in allowlist rules

The allowlist transform now supports per-rule HTTP method and path restrictions. Previously you could only allow or deny entire domains/CIDRs. Now you can lock down exactly which endpoints and methods are permitted.

New rules config:

transforms:
  - name: allowlist
    config:
      # Simple form still works — all methods, all paths
      domains:
        - "registry.npmjs.org"
 
      # New: restrict by method and/or path
      rules:
        - host: "api.openai.com"
          methods: ["POST"]
          paths: ["/v1/*"]
        - host: "*.anthropic.com"
          methods: ["POST"]
          paths: ["/v1/messages", "/v1/complete"]
        - cidr: "172.16.0.0/12"
          methods: ["GET"]

Each rule specifies a host (domain glob) or CIDR, plus optional methods and paths. Omitting methods or paths allows all. Path patterns ending in /* match any subpath (e.g. /v1/* matches /v1/chat/completions).

Existing configs with flat domain/CIDR lists continue to work unchanged.

Changelog

• e4e912e45696c4f846024079ac543f530a6f9beb Initial OSS release
• a18cedc36204a2a7308339e8058f3474dd566e41 Support HTTP Basic auth in secrets transform (#2)
• 6555a10622adb56fdc8e2ba786fe702e5a882a3a fix: Small clarifications in comparison table (#1)