Firewalling Router

[Shan]

Over the past couple of months I've been getting increasingly paranoid over hackers getting into my systems. I've got snort running and what I hope is a good iptables based firewall but it has a lot of services running that need to be always accessable to the internal network, such as samba/nfs, apache et al; in addition to working as a router. As it stands, this machine (Nexus) provides no services to the world at large; but I fear that since it is "touchable" to the outside, its a risk. What I'm thinking of doing is offloading the firewall / dhcp / router duties to a true router; and having Nexus be "just another machine". In the end I'd probably merge Nexus into a hardened machine as well just because I'm that paranoid but first I need to find a good, reliable (but preferably cheap) unit to handle this duty. Ideally it would have a web interface for me to manage it but I'm fine with command line as well. Having it come from a company that is reputable and offers updates would be a plus but isn't required. Above all though it needs to be reliable in both firewall AND routing. I've done some basic googling based on devices that are available at the nearby Staples found that people complained of units that would crap out over any significant load (some upstream, others downstream, some both). My home-network has half a dozen computers so it has to be able to handle some traffic.

Any reccomendations?

EDIT: It doesn't need to be an 8 port setup or anything, just a WAN+2 or 3 LAN ports; I have an existing switch I can use to connect the rest of the machines into the new unit.
_________________
{ NO -U } { STRIP }
{ TINY }

[occ]