First you will need to choose an operating system platform for your firewall. Windows is a possibility, but most all of the Open Source firewall applications were designed to run on Linux (or other Unix variants in some cases). Some free firewall packages include the base Linux OS and install completely, without the need for selecting, downloading and installing or compiling individual components, configuring Web management or other controls, and so forth. This can be a big time saver and there are several excellent choices, such as Untangle's free version (more on Untangle below).
The firewall components and applications you require include a core routing and protocol filtering component, which also can provide network address translation (NAT) functionality. TCP and UDP protocol management beyond basic port filtering is important as well, allowing or restricting particular applications or functions. An interface for creating and managing these rules, usually a Web interface for ease-of-use is also needed. These are required components for any system calling itself a firewall. Firewalls go far beyond this basic functionality, however.
Almost all current firewalls provide virtual private network (VPN) functions. The firewall acts as a VPN endpoint and the rules component helps manage what remote VPN users or sites can and cannot access on the network. Intrusion Detection & Prevention (IDS/IPS) and reporting functions are key components as well. Good reporting visible via a Web interface, and with alerts sent via email is very important. A full-featured intrusion detection system (IDS) like Snort is a great component to integrate, see more about Snort in my review article here. Anti-Virus, other anti-malware, anti-spam and related components can be added, taking some of the burden off internal servers and PCs to protect themselves. Many choices for these components
Check out this review of Untangle to see what their Open Source package has to offer for your firewall. If you don't want to assemble all the components yourself this is a good choice. Untangle's base package includes 12 Open Source firewall applications. These free applications provide more than the minimum firewall components, including anti-malware, anti-Spam, IDS, VPN and reporting functions. Advanced networking features including QoS and Voice over IP support provide tools for or ensuring bandwidth is available for sensitive applications such as VoIP) are present and easy to access and configure. Untangle's web management interface for these security apps is easy to learn and understand. Untangle also offers Untangle for Windows, a free firewall package which runs on a Windows XP computer.