m0n0wall provides many of the features of expensive commercial firewalls, and some you won't find in any commercial firewalls, including:
web interface (supports SSL)
serial console interface for recovery
set LAN IP address
reset password
restore factory defaults
reboot system
wireless support (access point with PRISM-II/2.5 cards, BSS/IBSS with other cards including Cisco)
stateful packet filtering
block/pass rules
logging
NAT/PAT (including 1:1)
DHCP client, PPPoE and PPTP support on the WAN interface
IPsec VPN tunnels (IKE; with support for hardware crypto cards and mobile clients)
PPTP VPN (with RADIUS server support)
static routes
DHCP server
caching DNS forwarder
DynDNS client
SNMP agent
traffic shaper
firmware upgrade through the web browser
configuration backup/restore
host/network aliases
m0n0wall contains the following software components:
FreeBSD components (kernel, user programs)
ipfilter
PHP (CGI version)
thttpd
MPD
ISC DHCP server
ez-ipupdate (for DynDNS updates)
Dnsmasq (for the caching DNS forwarder)
racoon (for IPsec IKE)
The m0n0wall system currently takes up less than 5 MB on a Compact Flash card or CD-ROM.
On a net4501, m0n0wall provides a WAN <-> LAN TCP throughput of about 17 Mbps, including NAT, when run with the default configuration. On faster platforms (like net4801 or WRAP), throughput in excess of 50 Mbps is possible (and up to gigabit speeds with newer standard PCs).
On a net4501, m0n0wall boots to a fully working state in less than 40 seconds after power-up, including POST (with a properly configured BIOS).