It seems to differ many are quite simple
I have a linux firewall now, had Neowatch before
which according to shields up https://grc.com/x/ne.dll?bh0bkyd2
neowatch was really good all ports in stealth mode
but my linux route/firewall has all ports as closed
good but not as good as stealth (ports are not there)
it is called floppyfw http://www.zelow.no/floppyfw/faq.html
and has DHCP connects and logs in my ADSL
and I can run 100 machines if I like and have big hub