On 2020-03-31 Alberto Abrao wrote:
I must make it clear that I don't expect anyone to walk me through it, hold my hand or anything. Some recommended reading would be all it takes, even if it's a monster tome. And I can't think of a better place to ask for this than here, otherwise I will have tons of people selling me Cisco stuff or whatever.
That's a great question. I wish I could refer you to a great tome (especially an O'Reilly book!) that would give the bird's-eye view of how you achieve your goals. Alas, even though I have 250 print ORM / NSP / Wiley books, none I've ever seen fits that bill.
If I think back to how I learned this type of stuff (besides my University network course, which was like an ISS-level view), it was basically reading iptables and tc man pages and looking at netfilter packet flow charts (some very good ones out there!) and then just tinkering.
There is a NSP "Linux Firewalls" book (just won at the last meeting, unfortunately) which gives a decent intro to iptables, but is fairly dated and mostly focuses on an obscure packet monitoring program the author wrote, which probably isn't used much anymore. Not useful for what you are doing.
I'm sure you'll find some pfSense books, but I bet there's not much for the DIYer who wants to roll their own (regardless of OS). Hopefully someone can prove me wrong!
The funny thing is, in the end you'll spend hours/days figuring out a new tool or kernel feature only to write a handful of lines in a script or config file somewhere that does what you want. But then it's yours forever (in many ways)!