[97320] in North American Network Operators' Group
Re: Network Level Content Blocking (UK)
daemon@ATHENA.MIT.EDU (Sean Donelan)
Thu Jun 7 14:47:53 2007
Date: Thu, 7 Jun 2007 14:46:44 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: "Chris L. Morrow" <christopher.morrow@verizonbusiness.com>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.58.0706071824220.1179@marvin.argfrp.us.uu.net>
Errors-To: owner-nanog@merit.edu
On Thu, 7 Jun 2007, Chris L. Morrow wrote:
>> Its not "content" blocking, its source/destination blocking.
>
> oh, so null routes? I got the impression it was application-aware, or
> atleast port-aware... If it's proxying or doing anything more than
> port-level blocking it's likely it sees content as well, or COULD.
>
> Either way, it's not like it's effective for anything except the m ost
> casual of users :(
Its more than null routes, but not much more. The router does a re-route
on a list of network/IP address, and then for the protocols the redirector
box understands (i.e. pretty much only HTTP) it matches part of the
application/URL pattern.
So IWF can block only one part of a sub-tree of a popular shared
webhosting site *IF* is one of a few application protocols.
