Made the following changes to the clientside code to support Linux
firewalls:

- Made os_fwconfig_line() actually do something.
- getfwconfig() adds an 'IPS' hash to the fwinfo hash.  This contains
  the IP address for each host, much like how the 'MACS' hash contains
  the MAC address for each host.  This is needed because ebtables (which
  is needed for ARP proxying) doesn't resolve hostnames.

Rules are stored in firewall/iptables-fw-rules.  Syntax is similar to
fw-rules, but without the rule number (since iptables doesn't use rule
numbers).  These should be equivalent to our ipfw-based rules, but I
haven't tested every case yet to confirm this.  I'm sure some changes
will be necessary.