Hello friends,

I have this setup, and I'd like to implement bandwidth limiting
in my Linux firewall for my local LAN by using either a cbq or
htb QoS. Also, a few netfilter rules, a local DNS caching server
and an HTTP proxy that filters accordingly, appropriate for any of
my kids.

The ISP had already provided a router along with the DSL, so I
inserted my Linux firewall between the DSL router and the switch.

This is my problem: What's the best setup for this, in terms of
the firewall's performance and ease of implementation?

I've read a little about ebtables, but I feel much more comfortable
with iptables (well documented), and googling about bandwidth
limiting/QoS on a bridge returned a few hits.

A. Do I need to use my Linux box as a bridge, with an IP attached
   to it?
     br0 ip: 192.168.0.2 w/ default gw 192.168.0.1
     all boxes behind the switch / default gw 192.168.0.1

B. Or as a regular firewall with two interfaces?
     eth0 ip: 192.168.0.2 w/ default gw 192.168.0.1
     eth1 ip: 192.168.0.3 w/ default gw 192.168.0.2
     all boxes behind the switch / default gw 192.168.0.3

Is this the right routing pattern for the 2 interfaces?

A.              internet
             xxx.xxx.xxx.xxx (static)
               -----|------
               |DSL router|
               -----|------
               192.168.0.1
                    |
                    |
                  eth0
                ----|----
        LINUX   |       |
        FILTER  |  br0  - 192.168.0.2
                |       |
                ----|----
                  eth1
                    |
                    |
                ----|-----
  192.168.0.x --| switch |--192.168.0.x
                ----|-----
                    |
               192.168.0.x
---------------------------------------------
B.
                ----|-----
                | router |
                ----|-----
               192.168.0.1
                    |
                    |
               192.168.0.2
                ----|----
        FILTER    |eth0|
                  |    |
                  |eth1|
                ----|----
               192.168.0.3
                    |
                    |
                ----|-----
  192.168.0.x --| switch |--192.168.0.x
                ----|-----
                    |
               192.168.0.x

Thank you for your time,
and God Bless,
--
- Dako