Good Luck! I was in the same position a year and a half ago. Make sure you have access to two boxes, one local with ip tables and one remote with nmap. The best thing you can do aside from learning how to configure iptables or ipchains, is to learn nmap inside and out or you will never know if your firewall is really working.