Just finished reading this book and I must recommend it to those who are firewall experts and people interested on the subject.
Giving an overview on iptables, it goes further than the standard "packet allow" or "packet drop" explanation, providing know how on stopping attacks even on the application level of the OSI layers.
The conjunction of iptables, psad and fwsnort builds a bulletproof jacket on your server, no more log digging to understand if a system has been compromised (stop the attack now, ask questions latter).
The language used is easy to understand, and most of all, every explanation has examples, so you can try on the spot what you've just learn.
Something to hang to, and definitely a great acquisition to your library.