Tad1214
Everything you are wanting to accomplish can be done pretty easily. First and foremost I'd suggest using PF as your firewall. Features like Nat, QoS, Port forwarding etc.. can all be controlled by PF. For DHCPd I use
/usr/ports/net/isc-dhcp3-server I am currently using Bind for DNS but tinydns should work just as well. Their are a few rc.conf additions you need to enable for routing;
gateway_enable="YES" among others...
Most of the basics can be described
here and
here Personally I'd recommend separate labels or partitions for things like squid and possibly Snort or MRTG. This all depends on how you want to set it all up. For anti virus look into ClamAV i use it with samba and have no issues. OpenVPN will be fine as well, theirs many to choose from but Open does the job for me.
That should get you started - if you need help msg me