I found this little baby on Mini-ITX/. It's an embedded ITX platform for industrial routers and internet gateways, based on a VIA chipset (which is x86, btw). What's there not to like?
Before this one, I had a Linksys WRT54GL from work, flashed with OpenWRT and a site-to-site VPN on it. But because of the limited hardware and extensibility, there was not much room for anything more than that. As I found the hardware for Sil (thanks to JCM-Concepts), it was ideal for a little bit more. Okay, I would lose the built-in wireless, but I could easily switch to my old WAP54G if needed.

As for an OS, I didn't know of anything to my liking that was prepared for embedded systems. They were either as limited as OpenWRT, or lacked some other things.
So I started working on modifying a Debian Lenny x86 so it would keep its /etc and /var partitions in RAM, so logging and such would not wear down the CF card. To attain this, I modified the initramfs scripts so they would be using aufs to overlay a read-only file system with partitions in RAM. Modifications would have to be made to the read-only file systems (which would then be mounted read/write during reconfiguration). Logging would be written to ramdisk, and thus, not wear out the CF. This was a bit of tweaking, but in fact, worked rather well. I installed OpenVPN, Shorewall to set up netfilter, and a bunch of other software I needed, and that was that.

Later on, I lended out my WAP54G, and got an Airport Extreme in its place, which is, while a bit more expensive, the best access point I've ever seen, both in performance as well as functionality (it can act as an access point, a wireless router, a repeater, print-server, ...), and ease of configuration.

Of course, updating was a hassle, and changing configuration required some effort as well. So, I started looking for an alternative, but still came up empty.
Then, a collegue at work introduced me with pfSense, a firewall "appliance", based on FreeBSD. It has an install for harddisks, and even better, a version for embedded systems.

It didn't take long to decide: after proper testing on a machine at work, I opted to install pfSense Embedded on my router. A bit unfortunately, the embedded installer did not work properly, as it was targeted for Soekris boards, which are also x86 but are properly configured with a serial port, as they have no keyboard or VGA. However, not really a problem, as there's an unofficial way to get a full installation to act as an embedded one, without the loss of VGA and keyboard, but with the gain of embedded (and thus, no wear on the CF). Installing it this way was a true success. I finally have a properly running firewall appliance, with the power of FreeBSD and all its goodness.