Network layer firewalls generally fall into two sub-categories, stateful and non-stateful. Stateful firewalls hold some information on the state of connections (for example: established or not, initiation, handshaking, data or breaking down the connection) as part of their rules (e.g. only hosts inside the firewall can establish connections on a certain port).
Stateless firewalls have packet-filtering capabilities but cannot make more complex decisions on what stage communications between hosts have reached. Stateless firewalls therefore offer less security. Stateless firewalls somewhat resemble a router in their abilty to filter packets.
Any normal computer running an operating system which supports packet filtering and routing can function as a network layer firewall. Appropriate operating systems for such a configuration include Linux, Solaris and the BSDss.