I'm going to setup a good firewall for a university wifi network. For legal reasons we need to block P2P traffic. We also would like to redirect new users to a sign-in page on first use (similar to wayport or other wireless cafe type setups) in order to control access to the network.
Good traffic monitoring capabilities (on the IP/mac level) would be a plus as well (something similar to ntop)
I'm planning on going with IPCop and tweaking it, but does anyone else have any better suggestions?