Linux firewall controls IP packets at they are entering, flowing through and exiting the machine. Each step is controlled by a set of rules. We have the input, forward, and output rules.
Each rule set is configured independantly and may be enabled independantly. Even if a rule set if configured, it may be turned off in the current dialog, generally for testing purpose.
If you enable one rule set, Linuxconf assumes it is in charge of the firewall and will make sure it is current (the kernel state match the configuration) every time you exit from Linuxconf (this is interactive, so you will notice).
If you do not enable any rule set, then you are on your own. This means you can use any tool you want to handle this task.