I've been running an open AP at home since we moved here, mostly because I like having open wireless available while traveling. It sits on a separate interface on my router/firewall. Traffic to the public Internet is allowed through, but most traffic to my LAN interface is blocked. Only SSH and OpenVPN connections to the gateway on the LAN are permitted, so I don't worry about the security of my home LAN.
I do, however, have problems with bandwidth leaches. One of our neighbors, and recently his buddy that moved in with him, seem to think it's OK to stream movies and pirate shit over my wireless connection instead of buying their own service. I've been planning on installing a new, locked-down AP (old AP was B/G only anyway) and taking away the open AP because of these two.
I'm thinking about leaving the open AP up in addition to the new, locked-down, private AP, but applying some pretty severe use limits:
1. AP total traffic capped at some fraction of my reserve bandwidth capacity
2. Individual hosts bandwidth capped at something that makes the connection useless for streaming
3. Individual hosts transfer capped to prevent downloading large files
4. Some reasonable max connection life (I'd like to still allow VoIP calls, for instance)
Anyone else doing something like this? Have you had any problems because of it?