Start by learning packet traversal through the tables/chains. Then learn the supported matches and targets. Netfilter isn't complicated if you take the time to learn it. I recommend avoiding any premade firewall scripts initially.
Religion is regarded by the common people as true,
by the wise as false,
and by the rulers as useful.
— Lucius Annæus Seneca.
Terrorism, the new religion.