What do these "ALG" settings on my router mean, and what is "ALG"?

Solution 1:

"ALG" here stands for "Application-layer Gateway". That is, firewall modules which cope with some peculiarities of those protocols.

  • On a stateful firewall, the "state" is usually tied to just addresses and port numbers. That is, you send a packet from port X to server's port Y, and the firewall automatically allows the reverse back in. However, some protocols use additional connections – for example, FTP in 'active' mode makes the server connect back to you on a separate port. So the firewall needs an ALG module that snoops on FTP commands and automatically adds the necessary rules. (This includes automagic port forwarding when NAT is in use.)

  • Firewalls with NAT enabled translate IP addresses and TCP/UDP ports within the corresponding headers. But some protocols also send the client's or server's address inside packets themselves – for example, yes, the same FTP does this (in active mode the client sends its own address, in passive mode the server does). An ALG tries to do the appropriate rewriting of those FTP commands.

Usually, what happens if the appropriate ALG is not present is that certain connections simply hang in the middle. For example, you can log in to the FTP server, but it times out while trying to get the file list.

(Yes, most of those stop working when encryption is enabled since the ALG can no longer look inside. You could say ALGs are tools for disguising problems.)

As for which you can disable: that really depends on which protocols you use, and whether your particular router's ALG is of acceptable quality. (There have been some models which would utterly break connections instead of 'fixing' them...) For example, disabling H.323 support (an old VoIP protocol) should be fine.
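The two jobs the answer describes for an FTP ALG (opening a pinhole for the secondary data connection, and rewriting the address embedded in the FTP command) can be shown in a few dozen lines. The following is an added illustration written for this page, not code from the answer's author or from any router firmware. It is a toy ALG that sits on the FTP control channel: for a client-sent `PORT` command it allocates a public port on the NAT device, records the inbound pinhole and rewrites the private address to the public one; for a server `227 Entering Passive Mode` reply it records the outbound data connection the firewall should expect. The IP addresses (RFC 5737 documentation ranges), the private LAN address and the public port allocation scheme are all constructed for the example. It also performs the check a careful ALG should make: a `PORT` command naming an address other than the client's own is left untouched and no pinhole is opened.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# FTP encodes "host,port" as six decimal octets: h1,h2,h3,h4,p1,p2 (port = p1*256 + p2).
PORT_RE = re.compile(r"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\s*$", re.IGNORECASE)
PASV_RE = re.compile(r"^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def decode_hostport(fields) -> Tuple[str, int]:
    """Turn the six FTP fields into (ip, port); reject values outside 0..255."""
    nums = [int(x) for x in fields]
    if any(n < 0 or n > 255 for n in nums):
        raise ValueError("FTP host/port field out of range: %r" % (fields,))
    h1, h2, h3, h4, p1, p2 = nums
    return "%d.%d.%d.%d" % (h1, h2, h3, h4), p1 * 256 + p2


def encode_hostport(ip: str, port: int) -> str:
    """Inverse of decode_hostport, producing the comma-separated FTP form."""
    return "%s,%d,%d" % (ip.replace(".", ","), port // 256, port % 256)


@dataclass
class Pinhole:
    """A temporary firewall rule the ALG adds for one FTP data connection."""
    direction: str            # "inbound" (active mode) or "outbound" (passive mode)
    ip: str                   # address the rule matches on
    port: int                 # port the rule matches on
    nat_to: Optional[Tuple[str, int]] = None  # private (ip, port) for inbound DNAT


class FtpAlg:
    """Toy FTP application-layer gateway for a NAT router (constructed example)."""

    def __init__(self, nat_public_ip: str, client_private_ip: str, first_public_port: int = 50000):
        self.nat_public_ip = nat_public_ip
        self.client_private_ip = client_private_ip   # source of the control connection
        self.next_public_port = first_public_port    # hypothetical allocation scheme
        self.pinholes: List[Pinhole] = []

    def rewrite_client_command(self, line: str) -> str:
        """Client -> server direction. Rewrite PORT and open an inbound pinhole."""
        m = PORT_RE.match(line)
        if not m:
            return line  # not a PORT command (or TLS ciphertext): pass through untouched
        private_ip, private_port = decode_hostport(m.groups())
        # A PORT command naming some other host is not rewritten and gets no pinhole.
        if private_ip != self.client_private_ip:
            return line
        public_port = self.next_public_port
        self.next_public_port += 1
        self.pinholes.append(Pinhole("inbound", self.nat_public_ip, public_port,
                                     nat_to=(private_ip, private_port)))
        return "PORT %s\r\n" % encode_hostport(self.nat_public_ip, public_port)

    def inspect_server_reply(self, line: str) -> str:
        """Server -> client direction. On a PASV reply, expect an outbound data connection."""
        m = PASV_RE.match(line)
        if not m:
            return line
        server_ip, server_port = decode_hostport(m.groups())
        self.pinholes.append(Pinhole("outbound", server_ip, server_port))
        return line  # passive mode needs no rewrite: the address is the server's own


if __name__ == "__main__":
    alg = FtpAlg("203.0.113.10", "192.168.1.20")
    print(alg.rewrite_client_command("PORT 192,168,1,20,4,1\r\n").strip())
    alg.inspect_server_reply("227 Entering Passive Mode (198,51,100,7,39,16)\r\n")
    for p in alg.pinholes:
        print(p)
```

Feeding the same object an encrypted control channel (FTPS) gives the behaviour the answer warns about: none of the lines match, nothing is rewritten, no pinhole is added, and the data connection would simply hang.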