[gh02t]

Yeah it can. The firewall is standard iptables, so you can do whatever you want. It's also got DNS, http cache, SOCKS proxy and approximately 1 trillion other things that you may find handy as an all-in-one home/small business network device. Needless to say, it's maybe not the best idea security-wise to run all that stuff on one device, but I'm not terribly concerned.

I've heard people say it's not really powerful enough CPU wise to cope with a ton of rules (>hundreds), but I have a fairly involved firewall config on mine and it's no trouble.

Funny story, we use a firewall rule to punish roommates for not doing their share of the chores. If they get too far overdue on chores, we have an iptables rule to randomly drop a certain percentage of packets to their machine.