How to remove Content Based Package restrictions ?

Question

How to remove Content Based Package restrictions ?

maxy1 opened this issue 8 months ago · 5 comments

Hi, Can you please tell me how to remove Content Based Package restrictions using xray ?
For example we have zoom packages with unlimited data. People use zoom.us as the SNI to bypass the traffic with tls I think they are using Xray to achieve this. I have been trying various config for past two weeks none is successful. ( its mainly due to lack of my knowledge and understanding. ).
if you can give me bit of clues example configs I really appreciate.

Answer 1 · 2024-04-19T08:45:50.000Z

Are you asking about Xray on your VPS and how the server side configuration is written? I didn't understand what specifically you wanted to ask with your question.

Answer 2 · 2024-04-19T09:36:27.000Z

Sorry yeah correct; I have Xray on my VPS. My issue is the server-side configuration how to set it up for this task?

Answer 3 · 2024-04-19T15:15:43.000Z

https://github.com/chika0801/Xray-examples/blob/main/VLESS-Vision-REALITY/config_server.json

            "streamSettings": {
                "network": "tcp",
                "security": "reality",
                "realitySettings": {
                    "dest": "zoom.us:443", // 目标网站最低标准：国外网站，支持 TLSv1.3、X25519 与 H2，域名非跳转用（主域名可能被用于跳转到 www）
                    "serverNames": [ // 客户端可用的 serverName 列表，暂不支持 * 通配符，在 Chrome 里输入 "dest" 的网址 -> F12 -> 安全 -> F5 -> 主要来源（安全），填证书中 SAN 的值
                        "zoom.us"
                    ],
                    "privateKey": "2KZ4uouMKgI8nR-LDJNP1_MHisCJOmKGj9jUjZLncVU", // 执行 xray x25519 生成，填 "Private key" 的值
                    "shortIds": [ // 客户端可用的 shortId 列表，可用于区分不同的客户端，0 到 f，长度为 2 的倍数，长度上限为 16，可留空，或执行 openssl rand -hex 1到8 生成
                        "6ba85179e30d4fc2",
                        "b9"
                    ]
                }
            },

You replaced Dest's URL with zoom.us's, is that what you mean?

Answer 4 · 2024-04-19T15:33:48.000Z

Thank you. This config didn't work for me because its a TLS secured connection. Our ISP needs tls on and allowinsecure: true. After that it can connect. So I need a config example which has tls and allowinsecure true.

Answer 5 · 2024-04-19T16:25:55.000Z

I can't help you any further with the situation in your area.

I would suggest you to try and use your own issued SSL certificate and set it up in the server side configuration.

In the client configuration turn on that parameter Start Unsecure Links in Xray. (allowinsecure true)

In this form, generally speaking, the configuration is modified using https://github.com/chika0801/Xray-examples/tree/main/VLESS-Vision-TLS For example, this generic TCP-TLS-like configuration combination.

I can't give you specifics on how the configuration file looks like, you'll just have to try it yourself.

Translated with DeepL.com (free version)