Brilliant, you ask if you are safe in the security forum.
I will play devil's advocate a bit then.
Adding iptables/netfilter to your host will mean there is extra code now running that may offer a vulnerability in your host.
Your router most probably has a NAT running, and whilst yes, there are ways to compromise you through the NAT, they generally involve you running malformed software.
NAT offers fairly good defense coupled with common sense in your software selection.
The majority of Windows hosts that get compromised are generally those that connect directly to the net, and to be honest, Linux boxes connected directly to the net can also suffer quite easily, especially if the server option has been turned on when installing the distro.
Is the iptables/netfilter suite examined for security vulnerabilities? You bet it is, so running iptables is not a bad option to add an extra layer of security.
But do be aware that firewalls have been the target for exploitation in the past; it is hard to write secure code, even harder in a commercial environment when people have to meet deadlines and add features for the marketing people who want to go to press at a certain time.
Snort has been subject to a recent vulnerability IIRC, so once you embark on the security path you need to have a few places to go to make sure your security toolkit is working as it should.