A firewall is either a hardware of software device designed to block people outside your home from getting into your computer (similar to the way a building or vehicle firewall stops actual fire from spreading to areas where people are).
A hardware firewall is usually contained inside a router, though industrial grade dedicated firewall appliances also exist. These units usually have very simple software in them running on Linux or some other proprietary system. Their only function is to block unauthorized connections. As a result, they perform this task very well. There are no extra programs, services or devices to potentially cause security problems.
A software firewall runs on the computer you wish to protect. It also blocks unauthorized connections. It runs on whatever operating system you have on your computer.
The question is, which is better? The answer depends on which you consider the biggest threat: the bad guys outside or the hidden dangers in your own computer.
Hardware firewalls operate outside your computer. This has two advantages: they aren't vulnerable to the weaknesses your computer has and hackers aren't reaching your computer before they encounter the firewall. In addtion, they protect any computer connected to them, regardless of the operating system. However, hardware firewalls usually don't stop viruses and spyware from "phoning home" to their creators. Of course many can prevent you from getting them in the first place. Hardware firewalls usually require fewer updates because it's not as easy to hack them.
Software firewalls are easy to install and update, but they are only as secure as the operating system your computer runs. If you get a virus that affects your computer, it could affect your firewall, too. That's why antivirus and anti-spyware protection is so important. One big advantage of a software firewall is it can warn you if a program is trying to reach the Internet without your permission. This does a good job of preventing viruses and spyware from doing more damage. Just remember that keeping a software firewall up to date is more crucial to counter exploits that occasionally occur.