Miscellaneous
Blocking Rules
This section covers server rules.
Server Rules
Used to block access on a node according to a rule type and a rule value.
Types
Domain: string
- Using Pure string: Same as the substring below, but the preceding "keyword:" can be omitted. For example, google.com as the rule value.
- Using Regular expression: Begins with "regexp:", and the remainder is a regular expression. This rule takes effect when the regular expression matches the target domain name. For example, regexp:\\.goo.*\\.com$ matches www.google.com and fonts.googleapis.com, but not google.com. Matching is case sensitive.
- Using Substring: Begins with "keyword:", and the remainder is a string. This rule applies when this string matches any part of the target domain name. For example, keyword:sina.com can match sina.com, sina.com.cn, and www.sina.com, but not sina.cn.
- Using Full match: Begins with "full:", followed by a domain name. This rule applies when the domain name completely matches the target domain name. For example, full:xray.com matches xray.com but not www.xray.com.
- Using List of predefined domain names: Begins with "geosite:", and the remainder is a name, such as geosite:google or geosite:cn. For the names and their domain lists, see Predefined domain name list. The full domain lists can also be viewed at Domain list community.
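The matching behaviour of the prefixed Domain types above can be checked before a rule is deployed. The following is an added example, not code from the panel or from Xray: the function names are hypothetical, the regexp is written with single backslashes on the assumption that the doubled ones shown above are string escaping, and geosite rules are rejected because the list data is not loaded here.

```python
import re

PREFIXES = ("regexp:", "keyword:", "full:", "geosite:")

def split_rule(rule):
    """Split a Domain rule value into (kind, value); a bare string is a keyword."""
    for prefix in PREFIXES:
        if rule.startswith(prefix):
            return prefix[:-1], rule[len(prefix):]
    return "keyword", rule

def domain_rule_matches(rule, domain):
    """Return True when the rule applies to the target domain name."""
    kind, value = split_rule(rule)
    if kind == "regexp":
        # Unanchored, case-sensitive search over the domain name.
        return re.search(value, domain) is not None
    if kind == "full":
        return domain == value
    if kind == "geosite":
        # Needs the predefined list data, which this example does not load.
        raise ValueError("geosite lists are not modelled here: " + rule)
    return value in domain  # keyword and pure string: substring match

def audit(rules, domains):
    """Map each domain to the rules that would block it (empty list = allowed)."""
    return {d: [r for r in rules if domain_rule_matches(r, d)] for d in domains}

# Rule values from the page; the regexp uses single backslashes
# (assumption: the doubled ones on the page are string escaping).
RULES = ["google.com", r"regexp:\.goo.*\.com$", "keyword:sina.com", "full:xray.com"]
# Constructed test input, built from the page's own example names.
DOMAINS = ["www.google.com", "fonts.googleapis.com", "google.com",
           "sina.com.cn", "sina.cn", "xray.com", "www.xray.com"]

if __name__ == "__main__":
    for domain, hits in audit(RULES, DOMAINS).items():
        print(f"{domain:22} {'BLOCK ' + ', '.join(hits) if hits else 'allow'}")
```

Running the audit over a list of domains that must stay reachable shows whether a substring or regexp rule blocks more than intended.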
IP: string
- Using Pure string: For example, 12.0.0.1
- Using CIDR: In the form of 10.0.0.0/8. You can also use 0.0.0.0/0 or ::/0 to specify all IPv4 or all IPv6 addresses.
- Using Predefined IP list: This list is included in every Xray installation package, named geoip.dat. It is used in the form of geoip:cn, and must begin with geoip: (lowercase), followed by a two-character country code. Almost all countries where internet access is available are supported.
Special value: geoip:private, contains all private addresses, such as 127.0.0.1.
The ! prefix negates the selection; geoip:!cn indicates results not in geoip:cn. Multiple negations are combined with AND, while positive options and the whole group of negations are combined with OR. For example, geoip:!cn, geoip:!us, geoip:telegram matches IPs that are neither in the US nor China, or IPs from Telegram.
Port: string
- "a-b": a and b are both positive integers less than 65536. The range is closed, so both a and b are included. When the target port falls within this range, this rule takes effect.
- a: a is a positive integer and less than 65536. This rule takes effect when the destination port is a.
- A mixture of the above two forms, separated by commas ",". The format is: "53,443,1000-2000".
Protocol: string
"http" | "tls" | "quic" | "bittorrent"
- http: only supports 1.0 and 1.1 and does not currently support h2. (Clear text h2 traffic is also very rare.)
- tls: TLS 1.0 ~ 1.3.
- quic: Due to the complexity of the protocol, sniffing may sometimes fail.
- bittorrent: only has the most basic sniffing, which may not work for a lot of encryption and obfuscation.
