Well, basically you're looking at your basic Netfilter tutorials, SANS' Firewalls & Perimeter Protection
, maybe Firewall, VPN, Intrusion Detection, and Router Tips
, some Advanced Networking Overview
, the Linux Advanced Routing & Traffic Control HOWTO
, and looking for the right firewall/VPN (management) tools.
Then, if you combine
netfilter = ingress/egress logging
netfilter = access restriction
netfilter + ip2route = routing capabilities
then you could argument a router distro like Astaro, Smoothwall, Wolverine/Coyote, Keeper and whatnot could provide either a good basis to decide on what you're looking for or provide you with a headstart wrt ease of configuration, time and whatnot.
That's why I said that (having a real problem with Occam's Razor thingie) and of course I should have been clearer.