I have just spent an enormous amount of time writing an extremely intricate firewall that makes use of iptables....
How long do you think iptables will be the standard linux firewall? It is the standard linux firewall isn't it?
and btw, Robert Ziegler's book, "Linux Firewalls", kicks ass...