Firewall protects other services from outside access.
A good firewall *should* be doing a whole lot more than that. It should
Do not overestimate. Firewall can make a little more than just restrict access and inspect few (very limited) protocols. It can not protect you from slow scans; it can not protect you from SSL / SSH / (any other encrypted protocol) volnurabilities, it can not protect your users from viruses in e-mail, etc etc. Proxy firewall (device which terminates _ALL_ protocols) can help in some cases (management access to your network by ssh) but can not with others (SSL site hosting , for excample).
also be giving you a good level of detail about what crosses your Very good level of details - 200 Mb of daily logs (IP, IP protocol = https). Any network statistics system can do it. Unfortunately, all this logs are 99% useless until you need forensics.
perimeter. It should also be doing some level of content checking to In reality, I can count all useful things firewall can do. I can not count (it is infinite) numbers of things it can not do.
In real life, protocol inspection is useful for SMTP and DNS. Sometimes, for http (but not https), SIP, few other _open_ protocols. That's all. Sometimes, it can recognize unusual behaviour of _your_ server and notify you (esp. if you maintain _default deny_ for some protocols). You are right about _checking outbound connections_ - firewall can help, if properly configured. Unfortunately, you can spend days, configuring your home firewall for outbound connections, even if you maintain a proxy. I do not think, that you will do it for grandma... You are right about possibility of weaknesses in some PNAT devices. This is a very big potencial for a problem / holes here. I'd like to see such tests you are talking about (security tests for PNAT devices).