Granted, my answer has little to do with Perl. You may want to check whether your OS supports functionality similar to the following:

In OpenBSD, authpf(8) allows altering the firewall configuration for those people who enter the system via a special SSH session. I can heartily recommend reading the entire man page.

There are several reasons why I suggested the above feature:

• You can interface it with distributed authentication mechanisms (LDAP, NIS, RADIUS, etc.);
• It provides a single, secure interface to enter a password (SSH);
• It does not harrass applications for passwords that they're possibly (likely?) not ready for.

I'm fairly sure Perl can cater to the list above. But since you have an OS already, you might as well use it. Unless, of course, you can integrate things more easily with Perl code you already have or use.

Personally, I think the WinXP built-in firewall isn't that bad. It suits most of my needs as an end user while being on the road. At any other location, I place client machines behind a firewall anyway. Just pick the platform you like best (for me, that's OpenBSD).

Where does Perl come into the picture? Well, it may be useful to generate the various firewall rules you're thinking of. At least, that what I'd use it for in this case.