Those are IP subnets, and those groups select the originating IP address for the incoming connection.
Your network looks to be using the 192.168.1.x/24 subnet. Which is common. Unfortunately, the common subnets are also very bad choices if you decide to use VPNs in the future.
Ok, your "10-net group", "129.168-net group" and "192.168.1-net group" should probably be "10-net group", "192.168-net group" and "192.168.1-net group" (typo in there), and you'll find that is the 10.0.0.0/8 subnet, and the 192.168.0.0/16 block, and the 192.168.1.0/24 block.
Here are the three private IP address blocks:
- 10.0.0.0 to 10.255.255.255, also called 10.0.0.0/8
- 172.16.0.0 to 172.31.255.255, also known as 172.16.0.0/12
- 192.168.0.0 to 192.168.255.255, also known as 192.168.0.0/16
You'll generally have a subnet within these blocks, but we'll skip the IP subnet introduction for now and point to the use of "10-net group" to point to any incoming address in 10.0.0.0/8; connections from addresses 10.0.0.1 to 10.255.255.254. "192.168-net group" is 192.168.0.1 to 192.168.255.254, and "192.168.1-net group" is 192.168.1.1 to 192.168.1.254.
You can read the Wikipedia article on this IP addressing stuff but (and I've been tussling with IP for a very long time) it's surprisingly dense reading. (It's entirely correct, but it's written for IP nerds and not really for IP newbies.) If you don't bother reading that (and I would not blame you), then just remember you can't use the .0 and .255 addresses within any particular subnet; the ranges I show above reflect that, though technically the .0 and .255 addresses are within the ranges, and you probably want to configure your network out of the 192.168.0.1 to 192.168.0.254 and 192.168.1.1 to 192.168.1.254 subnets if you might ever need to use VPNs.
Now these private addresses should generally not be active on the public internet and should not be passing default router configurations, and so these should be LAN local. There are cases of ISPs using these blocks and issuing addresses from here for all private LANs managed by that ISP, so there's no solid rule of what you might see; there are various ISP schemes and even more local LAN schemes and permutations.
So the answer to your question is... Do you know what IP addresses will be referencing and reaching your server? If so, then yes, you can delete those groups that you are not using. But I'd probably leave the groups alone (at least for now), and just select the services within each (that your network is not using) for no traffic. Which is the "don't delete" answer.
I also typically recommend acquiring and installing an external gateway firewall box and not running a Mac as a gateway, as that makes networking (far) easier, and (if you purchase a gateway firewall with server-oriented features, or use one of the available open-source options with server-oriented features) you can connect via external VPN to your firewall to allow remote (in-bound) access into your network. That also means you have less traffic hitting your server-local firewalls.
I'd suggest some introductory reading on IP networking and DNS services, as they're essential to operating a server.