said by Angrychair:
Not to even mention your linux machine being used as a router is a target, unlike an appliance router.
A compromised linux machine is a real problem, so it just seems like a lot more admin work and power use than most people would want in the long run.
Isn't that what you have a firewall for?
I run Snort IDS on my firewall too.