Book Review: Linux iptables Pocket Reference

Linux iptables: pocket reference

I’ve just read a really useful book on iptables: Linux iptables Pocket Reference.

It’s a great reference book which is quite short but packed with more details than you’ll ever want to know.

iptables is a great way to manage all your needs running a gateway server: proxying (transparent proxying), packet forwarding or one of the network address translation (NAT) schemes – it’s all possible via straight-forward and easy to remember interface.

The Linux iptables Pocket Reference  is a really great little book, and although it’s been written a good few years ago, most of the explanations still apply.

Introduction to iptables

I really liked the introductory part of the book, it explains (and shows with diagrams) what IP tables and chains are and how kernel processes them based on the iptables configuration.
Especially useful are the workflow illustrations, it is easy enough to understand how iptables work based on the functionality you’re after – for example with NAT the workflow will be different, although the names of the chains stay the same.

Common hook points in iptables

Common hook points (INPUT, OUTPUT, FORWARD, PREROUTING and POSTROUTING) are explained in a number of tables, so that eventually it becomes obvious how and why these are named and what should be used for your specific scenario.

This book expects you to have a rather good knowledge of IP networking. If you can’t tell a difference between TCP and UDP, or if you’re not familiar with their packet structure – many options will not make much sense until you fill these gaps using some other books or online resources.

Like any pocket reference, the Linux iptables Pocket Reference will give you the right kind of information if you know where to look and also know what you’re doing. If you don’t – just skip the most technical sections until you have a very good reason to revisit.

iptables command line tools

All the necessary command line tools are mentioned and explained, this means you will know what command to use when it’s time for you to review your existing iptables setup and to make some changes to it.

I had a relatively good idea about how iptables work, but thanks to this guide I now have a better understanding – my iptables debugging skills have definitely improved.

In short, I will recommend this book if you have heard about iptables but haven’t really used it much – the introduction part alone is worth the small price of the book.

If you like this review, please buy the book using this page: