A friend and I are looking to undertake a project using pfSense and Snort as a base, to create a box that can handle content filtering and packet inspection for a high volume network. 15k or so active connections, 200-500mbps at any one time. Price on the box itself doesn't really matter, so if it takes a monster machine to run it, so be it. We were thinking of going with pfSense, Snort, Squid/SquidGard, ntop, pmgraph, and BASE. That would cover all of the features needed, but I've got no idea if these programs work with such high volumes. Anyone know?