Hi sundry_50, I'd take a look at pfSense
(i.e., “making sense of packet filtering”). It's a customized version of FreeBSD tailored specifically for use as a perimeter firewall and router, and managed entirely from a web-based GUI. In addition to being a firewall and routing platform, pfSense includes a long list of other features, as well as a package system allowing its capabilities to be expanded even further. It's easy to setup and will run on dang near anything with a couple of good NIC adapters. FWIW, I wrote an article
on my blog about my experience setting up and configuring a pfsense box.