Exactly, this means if they try to use the above method to try to block users, they would block a lot of innocent users.

That's why it's not foolproof, and they're safer to let people use their network without something as extreme as packet sniffing for different browers / OS signatures.

So bottom line, it's very very hard for an ISP to block NAT routers. If they try to do so, they may inadvertently block innocent users.

This is good news for you and me. This means with a few simple steps, like using a VPN, a DD-WRT router that does not decrement the TTL value, a MAC id that mimics a computer, it would be practically impossible for a ISP to detect / block a NAT router.