Sounds like a lot of hard work, Rolf!
Yes, but it's fun as well as, as you can really learn and understand how the stuff really works. Support provided by developers and the community over mailing lists is quite amazing.
Having fun with test equipment is just fine, doing the same with production is another matter. And firewalls are really not elements of your network you should start playing with: they are too important for your operation and security and it's too easy to break the config without even noticing.
If you want to go down the Linux/BSD way, I suggest you have a look at Smoothwall or IPCop (free) or Astaro (paid). We're using Astaro in a number of locations here and it offered very good value for money while still being easy to manage.
Regards, Stephane