parent.$.fancybox.close(); called from the iframe content should cause FancyBox to close, similarly with
parent.$.fancybox.resize(); but ... this is not true in all cases!
For example, if the iframe content is a web page from another domain (other website) this will not work. The call is intercepted and blocked to prevent a real world security issue called "cross-site scripting".
Is your iframe content pulled from another domain than the domain of the original page from where you open FancyBox?
If so, there might still be a way: create a file in your site root called crossdomain.xml filled with:
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<allow-access-from domain="*.the-other-domain.com" />
Where you replace the text
*.the-other-domain.com with that other domain name. The * is a wild-card to allow a wider scope of sub-domains (including www) for example, but can also be used on its own to allow access for ALL domains out there. But be warned, allowing cross domain access to sites you do not trust, DOES bring along a security issue! Read/search on Google for more...