ipcop is an excellent firewall "suite". I say suite because it includes everything you need. squid, vpn, packet queueing, firewall obviously... and then some. ipcop.org

Shorewall..haven't used it.

astaro security linux is a "commercial" tool but it's free for home use. I'd check them out..it's strikingly similar to ipcop...hmmm opensource is great isn't it?

openbsd 'pf'..I have loads of hours spent with this, and I enjoy it. It does what I need it to do, and has a few nice additions..works on Freebsd and netbsd iirc.

iptables/netfilter...well you already know those. I'd use fwbuilder to build a basic ruleset.

I still question the entire "hardware" vs. "software" firewalls..because what is a *nix box dedicated to firewalling? any hardware firewall still runs an os at the core, no matter how embedded or stripped...so meh.

ttfn..work is calling