IPTABLES Best Practices

Has the comp.security.firewalls group thought about developing an IPTABLES best practices guide? There are plenty of resources on how to work with IPTABLES but so far no resources on the best way to work with IPTABLES. For instance, is a linear single script file the best and most manageable solution? Rule based with individual rules contained in individual files? Break up files based on chain? Is it better to maintain your rules via a tool such as FWBuilder? How does that apply in a large enterprise versus a small home user? How much is too much? How much is too little?

If anyone is interested, let's get some people talking in this group and perhaps with enough interest I could host up a wiki or something we can work with (I have some unused bandwidth and hosting service).

I think we could even work with this a bit more generically also. But let's get some dialog started.
