I just noticed that 16manyrules2.sh test in netfilter-0.1.7 doesn't make any sense. The error I mentioned in this case was not too many rules but dropping packets it shouldn't. I don't know how to include it in the testsuit. The test I suggest is simply 30 times 'iptables -A INPUT -j ACCEPT' and then checking '-L' results. Adam