Avast is good. So is Bitdefender. As far as firewall, what do you hope to accomplish with a software firewall? Aside from stealthing ports, which you can do with the built-in firewall on any modern OS, I find them pretty useless.
Linux/Unix does not have a built-in firewall.
Nonsense. Iptables is built into the Linux kernel.
Actually, iptables is just a command line utility; it's not part of the Linux kernel.
That's a little pendantic, don't you think? Netfilter is built into the kernel, and iptables is a utility created by the netfilter project to configure it. Together they form a complete Linux firewall and NAT system. You can't get much more integrated into an OS than netfilter/iptables. Indeed, I've looked and can't find a single major distribution that doesn't include iptables (well, I guess Gentoo-based distros use their own iptables replacement).
But yes, if you think it's really significant, the configuration tool is not the bit built into the kernel.
None of which, of course, changes the fact that every major Linux distribution, FreeBSD, OpenBSD, CentOS, and every flavor of Unix anyone's likely to come across all do, in fact, come with built-in firewalls that will allow one to stealth ports.