Amateur though I am, I've become the default manager for internet access
in our large home. The hardware consists of a cable modem and older model
WRT54G with updated firmware. All but my own PC (which connected via the
local ethernet port on the router) are using wireless. This has worked
quite well until the two college-age folks in the house started getting
heavy into P2P (Limewire and Sharezaa). This has had a noticeable performance
impact on net access, and I'd like to try to improve things.

I am not in a position to prohibit these kids from using P2P, and polite
efforts to get them to limit the number of connections, and to postpone
heavy transfers to off-hours has not worked for very long. I understand
that various port blocking rules within the router are largely ineffective
because the P2P clients use port-hopping, and can even use port 80 if
notinh else works. I was wondering if a more sophisticated hardware solution
might help us.

My first understanding is that the limited CPU power and RAM in an
inexpensive router get overwhelmed by such a large number of connections.
Would a more robust hardware (NAT router) be likely to help? If yes, and
specific suggestions?

From what I gather, true hardware firewall appliances allow the use of
rules that can limit the number of connections and the bandwidth allotted
to each client IP address. This, to me, seems very attractive (although
more expensive) and I was wondering if interposing a firewall between the
cable modem and the router (or discarding the modem and using the firewall
with an access point) would achieve the desired end. Any specific
suggestions?