Porting firewall to RTOS

Dear all,

My employer is considering different proprietary firewall/IDS solutions
at the moment to be utilized on the Marvell Brightlane managed
automotive Ethernet switches (there are Cortex-R52 cores on the same IC
connected to the switch fabric). I've proposed to consider porting
existing open source firewalls instead, but I'd like to ask your opinion.

Generally speaking, Marvell provides a light-weight RTOS to run on their
switches together with the Titan SDK to develop user applications.
I haven't had a chance to tinker with the RTOS or SDK yet, but trying to
understand whether porting PF/IPFW/IPF feasible taking the fact that PF
has been ported to different OSes (including QNX) into account.

Which of the firewalls would you choose if you had to do something similar
and why?

Which restrictions of the RTOSes would you consider (no dynamic memory
allocation, no virtual memory, etc.) if you had to estimate the whole
work to port the open source firewall?

Personally, I've been looking for some ways to bring FreeBSD into the
automotive domain, but haven't had an opportunity to do so till this
very moment.

Regards,
Dmitry

--
https://wiki.freebsd.org/DmitrySalychev