Re: iptables script file


 



--On Monday, October 25, 2004 5:26 PM -0400 Deepak Seshadri <dseshadri@xxxxxxxxxxxxxxxxxxxxx> wrote:

Which way would be easy to load a huge script that would be modified quite
often?

iptables-restore

The save format is a little weird at first but it's not too hard to see how it matches your iptables commands. I now modify /etc/sysconfig/iptables directly. (This is the save file used on Red Hat systems to reload the firewall at boot time.)

If I understand things correctly, iptables-restore makes a single kernel call with only one lock, so it's very efficient at loading the tables into the kernel.

Change your script to write your rules into the save format and then invoke iptables-restore to load it. This is actually pretty simple, as most of your iptables commands will be replaced with "echo ${RULEBODY} > ${SAVEFILE}" (where RULEBODY is the parameters to your old iptables command).
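
An added example of the conversion described above (not code from the post or from any distribution's own scripts): a small sh script that writes rule bodies into the iptables-restore save format and then loads the whole file in one atomic restore. The save-file path and the rules are assumptions for illustration; note the file is truncated once at the start and then appended to, so every rule lands in one file.

```shell
#!/bin/sh
# Added example: build an iptables-restore save file from rule bodies.
# SAVEFILE is an assumed path; Red Hat systems use /etc/sysconfig/iptables.
SAVEFILE="${SAVEFILE:-${TMPDIR:-/tmp}/iptables.save}"

# Append one line to the save file. Table/chain context comes from the
# '*table' and ':CHAIN POLICY [pkts:bytes]' lines that precede the rules.
rule() {
    printf '%s\n' "$*" >> "$SAVEFILE"
}

# Write the complete ruleset. Default DROP policies and the accept rules
# are committed together, so there is no window with a half-loaded firewall.
build_ruleset() {
    : > "$SAVEFILE"                      # truncate once, then append
    rule '*filter'
    rule ':INPUT DROP [0:0]'
    rule ':FORWARD DROP [0:0]'
    rule ':OUTPUT ACCEPT [0:0]'
    rule '-A INPUT -i lo -j ACCEPT'
    rule '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    rule '-A INPUT -p tcp --dport 22 -j ACCEPT'
    rule 'COMMIT'                        # one kernel update for the table
}

# Number of '-A' rules in the generated file (a quick sanity check).
count_rules() {
    grep -c '^-A ' "$SAVEFILE"
}

# Replace the running ruleset with the file in a single iptables-restore call.
# Run as root; returns non-zero if the tool is missing so a wrapper can notice.
load_ruleset() {
    if command -v iptables-restore >/dev/null 2>&1; then
        iptables-restore < "$SAVEFILE"
    else
        echo "iptables-restore not found; wrote $SAVEFILE only" >&2
        return 1
    fi
}

build_ruleset
# As root, follow with:  load_ruleset
```
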



