Linnuts!, Eb Guenther

"Linux In A Nutshell" Revisited

In the summer of 2003 I wrote an enthusiastic review of O'Reilly's "Linux in a Nutshell" 4th Edition (to which book I shall henceforth refer as Linnuts). By the time the HAL-PC Magazine published the review, I had already become aware of the first of several undesirable "features", a serious omission in the command reference.

Out of the hundreds of commands covered in the reference, O'Reilly chose perhaps twenty as important enough to mention on the back cover. There they state, that "several new options to the iptables firewall command ... show the book's value as a security tool." I'm afraid that statement turns out to be so much hot air! You guessed it. The omission I discovered was in the coverage of 'iptables'. Note the command name. Missing from the 'iptables' reference is the command option to modify a specific table, the ‘-t tablename’ switch.

Other errors in the same section were another omission (the authors of iptables had added three more chains – INPUT, OUTPUT, FORWARD - to the mangle table in Linux kernel 2.4.18), and a typo (instead of PREROUTING, they named POSTROUTING as the only valid chain for the DNAT target).

I visited the O’Reilly website, and posted a comment about the ‘–t’ switch on their errata page for this particular book. So far, more than a year later, the only correction of these particular errors are in a separate booklet, “Linux iptables Pocket Reference”, which O’Reilly published in mid 2004, and sells for ten bucks.

There is no excuse for omitting the ‘-t’ switch in the book. It was sloppy writing and / or editing. The author correctly lists the tables in the introduction paragraph. In other words she was aware of them. The omission of the '-t' switch implies, that different tables are invoked automatically. In fact, only the 'filter' table (the default) is invoked automatically.

From a practical point of view, the missing switch in the iptables entry makes the command reference questionable, as all other entries in the book are now suspect. One expects reference books to be authoritative. They should be the last word on a subject, not the first. Especially, if the publisher considers the particular entry important enough to mention on the cover. Before this writing, a year and a half after the book came out, I revisited that errata page again. It only mentions a few minor typos, which supposedly were corrected in subsequent reprints, but not a word about ‘iptables’. I left another notice (in January 2005), waited three weeks, and decided to write about the problem here.

I checked the bookstores for signs, that they have corrected the problem in a later printing. No sign of this in late January 2005. It looks as if O'Reilly feels they have done enough to correct the omission by printing the separate ‘iptables’ reference, "Linux iptables Pocket Reference", a year after the Linnuts book. Admittedly, the warts have all been excised in this booklet. But just like Microsoft, O'Reilly apparently expects his customers to pay for the correction of the publisher's error by purchasing an "upgrade".

O'Reilly still pushes this book as an " indispensable reference". Something it can hardly be, as long as there are such serious errors left in it.

Can I recommend the "Linux iptables Pocket Reference"? Yes, as a free correction for the Linnuts book. As a stand-alone reference, it’s too pricey. Who needs a stand-alone iptables reference? If you bought the book, it couldn’t hurt to let O’Reilly know how you feel about their handling of this problem. Go ahead and demand a free “bug fix”. Offer them proof of purchase, and ask for a free copy of "Linux iptables Pocket Reference". If you like, tell 'em Eb sent you <g>.

Is “Linux in a Nutshell” worth keeping?

I’ll admit to some bias, as my personal interests in Linux lie in its use as a firewall. So the iptables fiasco affected me directly. Had O’Reilly provided an early fix, like a downloadable errata sheet, my answer might have been an unqualified “yes”.

Lacking any public admission of a major error by O’Reilly I have to wonder what else is wrong with the book. Why are they so reluctant to address an omission that could have been fixed with a single page of errata insert. If the only way to get the pocket reference booklet was to snip the barcode from Linnuts, I suppose I’d do that.

But my warm and fuzzy “Nutshell book to the rescue” feeling is gone forever.