Out of necessity, I've been playing around a bit with the built in firewall in OS X, ipfw. It definitely isn't as full featured as iptables, the firewall built into many linux distros, but it's very easy to configure. One feature not controlled by the Firewall GUI settings in System Preferences is the ability to block a specific IP or range, and my old Netopia router didn't provide this either. Thanks to some kiddie trying to hack my system, I found that I now needed this ability.
I came across a slightly dated article at MacDevCenter.com that gave some excellent background on using ipfw, including setting it up as a Startup Item so that you can customize whatever settings you want, and have them take effect at each startup.
One change that I made here was instead of setting up my config file in the /etc directory, I saved it into the Firewall folder in StartupItems, and referenced it there, it seemed a much more logical place to keep this.