One of your requirements, the need for multiple public addresses, is going to be a show stopper. Of the two most popular Linux-based free firewalls, IPCop and SmoothWall, neither allow multiple external interfaces (what these products call "red" interfaces). The commercial SmoothWall Advanced Firewall product does support multiple "red" interfaces.
But all is not lost, whilst not a Linux-based firewall, the BSD-based PFsense firewall does support multiple "red" interfaces. There are some caveats to this support. In general though, PFsense is based on the m0n0wall firewall and has a very similar Web-based, front-end configuration. It's a fast, fully-featured firewall that runs on a wide variety of hardware. It supports all of the other requirements you have listed with the only possible issue you might have being that some older hardware might not be sufficient to run PFsense.
Related Q&A from James Turnbull
A user wants to implement OSSEC on a Windows server because he has no server side Linux operating system.continue reading
Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains...continue reading
Configuring spam filters Spamassassin and dspam together in the email server Postfix is easy with the resources listed by our security expert.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.