Packet Filtering

Packet filtering is usually implemented on a router or access server. It has the least impact on overall network performance, but is the least effective type of filtering.

Packet filtering works at layer 4 - the destination address and port number of each packet are checked. Packets to inappropriate sites are dropped.

In most implementations, the only indication that an end-user has that they are being filtered is that they get no response to their query. Some attempts have been made to provide some interactivity, but with limited success.

This scheme doesn't deal well with large amounts of content - in particular, IP-independent virtual hosts (WebCom) and hosts with mixed content (GeoCities, Yahoo, etc) must be completely blocked or completely allowed.