I use Firestarter with my Ubuntu Dapper Linux desktop.

I have one computer which is connected to the internet via Ethernet Cable modem, that's it, no router, nothing special and no wireless or additional local computers.

For this one desktop machine, do I need to enable any special settings for DHCP to continue to work properly?

What addresses should I allow as incoming? I allow all outgoing permissive since restrictive was causing me problems.

Do I need to block any broadcast traffic? (in advanced settings)

What about blocking traffic from reserved addresses (in advanced settings)

What incoming 68/67 ports should I allow and should I disallow? I see a lot of incoming on those ports from 10.x.x.x for example, should I allow those?

My /etc/hosts file just has 127.0.0.1 for localhost and my username-desktop I would add more to block advertisements and stuff but it gets reset every time so I just leave those two entries in, is this fine or do I need to add my modem's IP in there too by way of the network admin config in Gnome settings? Will addding that there stay?

I'm asking here at linuxquestions.org because there are a lot of security experts here

I don't need dhcpd I take it since I only have one computer connected to the internet?

you probably won't need to allow any incoming connections at all in order for DHCP (client) to work... as long as you have a rule for ESTABLISHED,RELATED packets, you should be fine... if, however, you do in fact need to let incoming DHCP connections in for whatever reason, you'll want to deal with soure port 67 (UDP) and destination port 68 (UDP)... you'd also wanna use the IP address which your cable modem uses as a source when it sends you packets... for example: