Whether or not the Netgear firewall is wrong or right for your installation depends on whether or not you can pass the public IP# through the firewall. If you can turn off Network Address Translation in the firewall, and pass the public IP# through, then it could work for you. The problem is that DirectAdmin must run on the main IP# on the server, which must be a public routable IP#.
We build our own routers. They simply forward packets. We don't use them for firewalls; rather we use firewalls on individual servers so our server clients can decide for themselves what to allow/disallow.
It's very easy to build a Linux router. I'll make an off-topic post today on how to build a Linux router.
As far as DNS is concerned, you can use both of them for nameservers if you want, and still use them for hosting. The problem is only that if your server goes down your DNS does too. You may think this is okay, but it's not for most of us (and for the Internet as a whole) because if your server goes down then anyone attempting to visit your site will be told it doesn't exist, unless they or their ISPs either reroute DNS errors or use OpenDNS, in which case browsers will get rerouted, perhaps to links to competitors.
So you should really use only one IP# on your server for one nameserver, and set up slave DNS elsewhere as a second nameserver. If your second server uses DirectAdmin you should search these forums for information on Multi-Server Option, or if it doesn't, search these same forums for my Master2Slave DNS Replicator, which I paid to have written, and then put under GPL licensing.
I'll make a post today in the Advertising forum to advertise our slave DNS services for DirectAdmin servers.
Jeff
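
The DNS advice in the post above can be checked mechanically. The following is an added example, not part of the original post and not code from DirectAdmin or the Master2Slave DNS Replicator: it audits a domain's nameserver addresses for the single point of failure described. The function names, the sample hostnames and addresses (documentation ranges), and the same-/24 (IPv4) or same-/48 (IPv6) heuristic for "same server or site" are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: nameserver hostname -> address (documentation ranges).
BOTH_ON_ONE_SERVER = {"ns1.example.com": "192.0.2.10", "ns2.example.com": "192.0.2.11"}
MASTER_PLUS_REMOTE_SLAVE = {"ns1.example.com": "192.0.2.10", "ns2.example.net": "198.51.100.53"}


def failure_domains(ns_addrs):
    """Group nameservers by covering network (assumed heuristic: /24 for IPv4, /48 for IPv6)."""
    groups = defaultdict(list)
    for host, addr in ns_addrs.items():
        ip = ipaddress.ip_address(addr)
        prefix = 24 if ip.version == 4 else 48
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        groups[str(net)].append(host)
    return {net: sorted(hosts) for net, hosts in groups.items()}


def audit_delegation(ns_addrs):
    """Return a list of findings; an empty list means no shared failure domain was detected."""
    findings = []
    if len(ns_addrs) < 2:
        findings.append("fewer than two nameservers")
    if len(set(ns_addrs.values())) < len(ns_addrs):
        findings.append("nameservers share an IP address")
    domains = failure_domains(ns_addrs)
    if len(ns_addrs) >= 2 and len(domains) == 1:
        only_net = next(iter(domains))
        findings.append(f"all nameservers are in {only_net}")
    return findings


if __name__ == "__main__":
    for label, sample in (("one server", BOTH_ON_ONE_SERVER),
                          ("remote slave", MASTER_PLUS_REMOTE_SLAVE)):
        print(label, audit_delegation(sample) or "no shared failure domain found")
```

In practice the mapping would be filled from the domain's NS and A/AAAA records; two addresses in different networks can still sit in one facility, so an empty result is a lower bound, not proof of independence.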