Well, basically you're looking at your basic Netfilter tutorials, SANS'
Firewalls & Perimeter Protection, maybe
Firewall, VPN, Intrusion Detection, and Router Tips, some
Advanced Networking Overview, the
Linux Advanced Routing & Traffic Control HOWTO, and looking for the right firewall/VPN (management) tools.
Then, if you combine
netfilter = ingress/egress logging
netfilter = access restriction
netfilter + ip2route = routing capabilities
then you could argument a router distro like Astaro, Smoothwall, Wolverine/Coyote, Keeper and whatnot could provide either a good basis to decide on what you're looking for or provide you with a headstart wrt ease of configuration, time and whatnot.
That's why I said that (having a real problem with Occam's Razor thingie) and of course I should have been clearer.