Hello sir,
I worked on different kinds of firewalls under Linux. That experience will help me to implement what you want in short term. I also participated in different open source projects such as Quagga, Tcpdump, PowerDNS.
Let me explain how I wish to work on your project.
First, I'll implement encryption/decryption library, and we will test it locally on different kind of data.
Second, I'll implement daemon which will be using NFQUEUE (it's netfilter's feature). It helps us test en/decryption algorithm on real network traffic.
Third, I'll implement module for netfilter and control utility (using some NETLINK).
Each stage won't take more that one week with testing. So, we will finish prototype in 3 weeks. Then you can start using it in your environment. I'll also provide support for first time of usage.
Best,
Vyacheslav