Amusingly most home routers already support most of that. #8 isn't feasible, a router doesn't have enough of a view into the traffic to do that kind of thing in real-time. And IMO #9 is better done on the printers. My laser printer's got Ethernet and a built-in print server (actually several, for the different protocols used by different operating systems). The rest is already a standard part of the firmware most router vendors base their own on. It's just that the vendors have disabled/removed a lot of the useful bits, or at least removed any access to them in their UI. Reflash your router with stock DD-WRT and you get pretty much everything you're asking for. Even the firewall. Every device on your network may have a public IPv6 address, but that doesn't mean the firewall will let inbound traffic through to them. The stock settings on mine are to allow established/related traffic through inbound, allow DHCPv6 traffic in to the router only, allow ICMPv6 traffic, and drop everything else. The IPv6 side follows the same rules as the IPv4 side: I can connect out, but nobody else can initiate a connection in. Oh, and for #5 I wouldn't build a big switch in, you aren't going to be rate-limited by the bandwidth to the router so use one LAN port to feed a larger switch that your network hangs off of. That also removes intra-LAN traffic from the router's switch.
Supporting multiple ISPs is an intricate bit of work, but it's mostly an extension of what's done to support the current WAN port. The biggest problem is that with 2 WAN connections you need a routing daemon and it's configuration has to be coordinated with both ISPs and that's going to be a nightmare.
If you don't care about keeping power consumption to a minimum, there's a lot of fun you can have with a mini-ITX or smaller board, a managed switch and an x86_64 build of DD-WRT.