Honeypots mailing list archives

rc.firewall script questions


From: <kathya6200 () yahoo com>
Date: 19 Jun 2003 13:47:06 -0000



I have a few questions about the rc.firewall script - 

on the sebek logging section - if set to 'yes', I understand that the 
dst_ip's will be dropped, but am assuming that sebek packets are still 
captured at the honeywall.  Also, would 'outside the honeynet' include 
the 'production' systems in your Figure A?  
 
2) the section titled "VARIABLES THAT RESTRICT WHAT THE FIREWALL CAN SEND 
OUT" - does the firewall here refer to the honeywall?  If this restricts 
data to certain ports, does this supersede the connection-limiting 
(snort-inline) rules?  As you can tell, I'm a bit confused about this area.  
Thanks for any help you can give me-

