Original: Iptables – производительность роутера (Russian)
Incorrect iptables settings may cause poor router performance. I'll show you how can you improve iptables performance
Disable connection tracking
The first thing you need to do (if you are not using NAT) is to disable connection tracking in nat table, PREROUTING chain:
iptables -A PREROUTING -j NOTRACK
Notice that if you have rules with match module, you'll have to change them to avoid match module. Also, all rules using conntrack will stop working.