Do yourself a favor, and get PFSense.

PFSense is out of the box focused on security, and you can make as many complicated rules or networks as you like. You can make it work with pretty weak hardware (one of my firewalls is using a Celeron P4500 dual core @ 1.87GHz with 2GB RAM, and manages 100 devices with ease) but for Gigabit speeds you’ll want to invest in a decent NIC from Intel.

Packages like ntopng, bandwidthd, iperf, etc. are all easy to install, letting you take complete control of your network. Set up for OpenVPN is a piece of cake, letting you get a secure tunnel back to your network (or bridge two PFSense routers so that two local networks can communicate together) in a matter of minutes.

Here is a wonderful starter breakdown of the best firewall I’ve ever used by Lawrence Systems, and I highly recommend you subscribe to their YouTube channel for more great content.