Each has it's uses..
One advantage of your own firewall script is that it can be tuned, really well..
and the hardware device? Who knows what's in there..
One disadvantage of your own firewall script is that it wasn't written by an expert, so it may have holes in it.. Big holes.. And the hardware device? Who knows?
It's only going to be a big problem if you expose connections to the internet, eg run servers.. Then the problem moves to the quality/security of the server/software..
You could always use both, but the real weaknesses are bad passwords, bad configurations and users who don't care.
If you're just a workstation, it's relatively easy to block NEW incoming connections.
That's a good start. Anything more complicated and you'll need to do some study..
eg an iptables example.. http://wiki.linuxquestions.org/wiki/..._a_workstation