Using OpenVPN with a TAP0 interface to forward network probes from the outside to the inside.


I currently use a NUC with Kali on it as a tool to perform remote internal network testing. It is configured so that it acts as a client that connects to an OpenVPN (not the AS) server and allows for traffic to be routed through it to the inside network and back again. I'd like to just use LAN Turtles, as they are smaller, less expensive and support a resource to the hacker community that has been invaluable for like 15 years.

The issue is that we have an OpenVPN server using a tap interface instead of a tun interface. When I look at the iptables rules I can see that a tun0 rule has been placed. I have little to no experience with fw3 and how it functions. I cannot see where the tun rule is being configured (it's not in the firewall file) so that I can imitate it. Inserting a new rule with the same syntax does not appear to resolve the issue.

1. Are the firewall rules currently in place just default rules for fw3, or have they been preconfigured specifically to facilitate the use of the available modules? If I wipe them and build my own, am I likely to break a module capability?

2. Can someone point me to a detailed resource (my Google-fu has failed me; all I find are intros to this or that, and they are surface notes at best) about fw3 or iptables as it is implemented here?

