I'll soon have (hopefully! the current security arrangement is HORRIBLE) a 3-legged firewall (i.e., with a DMZ), and I was wondering if there would be anything wrong with setting up snort on the firewall itself (the internal network is switched and the DMZ will most likely be too...)?

A follow-up on that would be how much processing power would be necessary for that firewall (OpenBSD 3.0 with pf) running snort and serving around 100 hosts maximum (average would probably be 35 outgoing connections at a time)?

Other setup suggestions appreciated too...