There are a hundred ways to build a firewall, from turnkey machines (am I the only one who always misreads that word as "turkey"?) that you can just plug in and ignore to a vast variety of software packages.
The elves who bring us Linux, though, have seen fit to incorporate into the Linux kernel the capacity to filter incoming and outgoing packets. They've also incorporated tools into Linux distributions to manage these packet-filtering capabilities, making it easy to turn a basic Linux box into a firewall. And all for free! Since we're now saving up for a new car, we'll go the thrifty route and set up our system using inexpensive hardware and gratis software.
For purposes of illustration, let's imagine that you have a small home network. You have just one broadband line running into the house, and you want to share it amongst all the computers: your big desktop system, your laptop, the entertainment system in the livingroom, your live-in boyfriend's laptop, and the iMac that the boyfriend's mother, who lives in the basement, uses to surf eBay all day. (Just a temporary arrangement, the boyfriend assures you, until she gets back on her feet and finds a reasonably priced mobile home. Fine, you say, but you both know he owes you big.) Obviously, this is a small-scale example, but the principles can be applied to anything from a single machine to a gigantic network.
Or perhaps you want to run a Web server and want it to be a bit less crackable. Whatever your setup, you need a firewall.