Administrative rights.
IPFIREwall is studied to allow every user who wants to run a graphical interface
on the top of linux to take advantage of a personalized network firewall.
Anyway, an unprivileged user cannot change those critical settings which are instead apanage
of the machine administrator. Everyone can add his own rules, can have his own sites blocked, but must
undergo the root's ruleset and decisions.
This is done for the safeness of the host connected to the network.
For instance, a user cannot stop the firewall, or change the administrator's rules. Moreover,
he won't be allowed to leave his rules loaded when he turns off the interface.
Finally, the kernel dynamic tables configuration is left to the administrator too.
See the section command line options for further
information about options and administrative rights.