On Thu, 7 Jun 2007, Chris L. Morrow wrote:
Its not "content" blocking, its source/destination blocking.
oh, so null routes? I got the impression it was application-aware, or
atleast port-aware... If it's proxying or doing anything more than
port-level blocking it's likely it sees content as well, or COULD.
Either way, it's not like it's effective for anything except the m ost
casual of users :(
Its more than null routes, but not much more. The router does a re-route
on a list of network/IP address, and then for the protocols the redirector
box understands (i.e. pretty much only HTTP) it matches part of the
application/URL pattern.
So IWF can block only one part of a sub-tree of a popular shared
webhosting site *IF* is one of a few application protocols.