News broke yesterday that Nokia and Siemens had enabled Iran to do deep packet inspection. The sale of this capability has been defended as an integral part of technology required for network access. In other words, when Iran invests in core communications infrastructure it will inevitably get the ability to look inside and reshape the traffic that it now carries.
Whether or not you agree with the politics of this situation, very interesting analysis is possible as demonstrated by Arbor. They have posted a map of recent Iranian Traffic Engineering and also noted why Iran is unlikely to completely block off communication:
Iran has significant commercial and technological relationships with the rest of the world. In other words, the government cannot turn off the Internet without impacting business and perhaps generating further social unrest.
That means Iranian traffic is highly likely to be manipulated and monitored instead of blocked. This is a much higher level of sophistication in security terms, as I explained before with regard to cell phones in prisons. I would therefore expect to see counterintelligence used for things like Twitter misinformation, as I explained before with regard to protests in Egypt and the militias in Somalia.