in our application, a sccp specific gateway, users outside the firewall 
authenticate using secure web browser, then we open 3 ports for them by 
inserting rules into a subchain of the input chain. in trials we could 
authenticate a max of 10,281 users (30,843 rules). after that the system 
hangs.

we are using kernel  2.6.16-1.2115_FC4 and iptables 1.3.5.

we did not have time to investigate the exact cause of the hang. i have 
no idea how big the ruleset was. how does one find that out?

scott out