Netgate Discussion Forum

    Can I restrict the number of ports for NAPT configuration

    • C
      crick

      Hi,
      I have the following setting:
      WAN interface with one public IPv4 address and LAN interface with an IP address from the RFC1918 range. I have around 5 hosts on the LAN side.
      I want to try some things out and was wondering whether it is possible to configure pfSense to restrict the number of ports, i.e. restrict the number of (TCP/UDP) ports to 100 only, so 100 ports shared among 5 hosts. Is it possible to configure pfSense in this manner?

      Thanks

      • D
        danswartz

        Not easily, AFAIK. Why would you want to do this?

        • C
          crick

          @danswartz:

          Not easily, AFAIK. Why would you want to do this?

          Hi,
          The reason for doing this is to test some of my applications in the scenario when there are not enough ports for translation, and their behavior. Can you provide any details on what would need to be done in order to configure it as I require?

          Thanks

          • B
            blak111

            Creating a firewall rule that limits the number of state entries for your one machine should simulate that effect.

            • C
              crick

              @blak111:

              Creating a firewall rule that limits the number of state entries for your one machine should simulate that effect.

              Hi,
              Could you provide an example of how I could do this?

              Thanks

              • B
                blak111

                Firewall > Rules > LAN > add new rule
                Set the action to Pass
                Set the Protocol to TCP/UDP

                Click Advanced Options
                Set the Simultaneous client connection limit to 100 and click save.

                Then create a new firewall rule after that one to block all of the traffic. This is because once the connections are maxed out for that rule, the traffic continues through the firewall rules.

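Added example, not part of the thread and not pfSense code: a simplified Python model of the behaviour described in the last post, where a pass rule that has reached its state limit stops matching and evaluation continues to the next rule. It assumes the limit counts total state entries for the rule, that states never expire during the run, and uses constructed host addresses and rule sets.

```python
# Simplified model of first-match rule evaluation with a per-rule state cap.
# Illustration only; hosts, destination and rule sets are constructed.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Rule:
    action: str                       # "pass" or "block"
    max_states: Optional[int] = None  # None = no limit
    states: set = field(default_factory=set)

    def matches(self) -> bool:
        # A rule already holding max_states entries no longer matches new
        # connections, so evaluation moves on to the next rule.
        return self.max_states is None or len(self.states) < self.max_states


def evaluate(rules, flow) -> str:
    """Return the action applied to a new flow (src, sport, dst, dport)."""
    for rule in rules:
        if rule.matches():
            if rule.action == "pass":
                rule.states.add(flow)
            return rule.action
    return "block"  # assumed default deny when nothing matches


def simulate(rules, hosts, conns_per_host):
    """Hosts open flows round-robin; return (passed, blocked) counts per host."""
    passed = {h: 0 for h in hosts}
    blocked = {h: 0 for h in hosts}
    for n in range(conns_per_host):
        for h in hosts:
            flow = (h, 40000 + n, "203.0.113.10", 80)
            result = passed if evaluate(rules, flow) == "pass" else blocked
            result[h] += 1
    return passed, blocked


HOSTS = [f"192.168.1.{i}" for i in range(10, 15)]  # constructed: 5 LAN hosts


def with_block_rule():
    # Limited pass rule followed by an explicit block rule, as in the post.
    return simulate([Rule("pass", 100), Rule("block")], HOSTS, 30)


def without_block_rule():
    # Limited pass rule followed by an ordinary allow-all rule.
    return simulate([Rule("pass", 100), Rule("pass")], HOSTS, 30)
```

With the block rule, the 150 attempts split into 100 passed and 50 blocked; without it, the overflow is passed by the following rule and the limit has no visible effect.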
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.