Logo

MonoCalc

/

Port Range Calculator

Networking
Comma-separated ports and ranges, e.g. 22, 80, 443, 8080-8090

About This Tool

🔌 Port Range Calculator – Expand, Merge, Subtract & Classify TCP/UDP Ports

The Port Range Calculator is a professional-grade networking utility designed for system administrators, network engineers, DevOps practitioners, and security professionals who work with TCP/UDP port ranges daily. Whether you are writing firewall ACL rules, configuring load balancers, auditing open ports, or planning network segmentation, this tool handles all port-range arithmetic instantly in your browser.

🎯 Six Powerful Operation Modes

The calculator supports six distinct modes, each targeting a common real-world task:

ModeWhat it doesExample
ExpandLists every individual port number in a range expression8080-8083 → 8080, 8081, 8082, 8083
CompressConverts a flat list of ports into minimal hyphenated notation80, 81, 82, 443 → 80-82, 443
MergeConsolidates overlapping or adjacent ranges into one set100-200, 150-300, 301-400 → 100-400
SubtractRemoves one range from another, returning the remainder8000-8100 minus 8040-8060 → 8000-8039, 8061-8100
Port CheckVerifies whether a single port falls inside the defined rangesPort 9025 in 9000-9050? → ✅ Yes
ClassifyAnnotates each port with its IANA service name and categoryPort 22 → SSH · Well-Known

📝 Input Notation

Enter port expressions as comma-separated tokens. Each token is either a single port number (e.g., 443) or a hyphenated range (e.g., 8080-8090). Whitespace around commas and hyphens is ignored. A full expression might look like:

22, 80, 443, 8080-8090, 9000-9100

All port values must be integers in the range 0–65535. In a hyphenated range a-b, the start value a must be less than or equal to b. Duplicate ports are silently deduplicated before calculations.

🏛️ IANA Port Categories

TCP and UDP ports are divided into three IANA-defined categories:

CategoryRangeDescription
Well-Known0 – 1023IANA-assigned system ports (HTTP=80, SSH=22, DNS=53). Require root/admin to bind.
Registered1024 – 49151Application-registered ports (MySQL=3306, Redis=6379, RDP=3389). No special privileges needed.
Ephemeral49152 – 65535Dynamically assigned by the OS for outbound client connections. Never registered with IANA.

🔥 Firewall Rule Generation

Enable the Generate Firewall Rules toggle and select your protocol (TCP, UDP, or Both) to receive ready-to-paste rule snippets for three major firewall tools:

iptables (multiport)

-m multiport --dports 80,443,8080:8090

Note: iptables multiport supports a maximum of 15 entries. A warning is shown if your ranges exceed this limit.

nftables

tcp dport { 80, 443, 8080-8090 }

firewalld XML

<port port="80" protocol="tcp"/>
<port port="443" protocol="tcp"/>
<port port="8080-8090" protocol="tcp"/>

📊 Port Space Density Bar

After calculation, a visual density bar appears spanning the full 0–65535 port space. Colored segments show exactly which ports are covered, divided into three colour bands: blue for Well-Known, green for Registered, and orange for Ephemeral. This gives an instant visual sense of how your ranges are distributed across the port space.

💡 Common Use Cases

🛡️ Firewall ACL Authoring

Expand or merge ranges to understand exactly which ports a rule covers before deploying.

🐳 Container & Kubernetes Port Mapping

Verify port conflicts between services, check NodePort ranges, and generate clean port lists.

🔍 Security Auditing

Classify ports from a scan output to instantly identify which services are exposed.

📋 Documentation

Compress ad-hoc port lists into compact range notation for runbooks and change tickets.

⚙️ Calculation Logic

All operations use pure set arithmetic on sorted, deduplicated port arrays:

  • Parsing — tokenizes the input on commas, detects single ports vs. hyphenated ranges, and validates each value.
  • Merge — sorts ranges by start, then walks linearly, extending the current range when the next range overlaps or is adjacent (next.start ≤ current.end + 1).
  • Subtraction — expands both range sets to sorted arrays, computes the set difference, then re-compresses the result.
  • Compression — groups consecutive integers into [start, end] pairs, emitting start alone when start === end.
  • Inclusion Check — performs a linear scan over merged ranges for the queried port.

Frequently Asked Questions

Is the Port Range Calculator free?

Yes, Port Range Calculator is totally free :)

Can I use the Port Range Calculator offline?

Yes, you can install the webapp as PWA.

Is it safe to use Port Range Calculator?

Yes, any data related to Port Range Calculator only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.

How does the Port Range Calculator work?

Enter a comma-separated expression of individual ports and ranges (e.g., '80, 443, 8080-8090'). The tool parses each token, validates that all values are between 0 and 65535, and then performs the selected operation — expansion, compression, merge, subtraction, or inclusion check — using pure set arithmetic.

What notation does the tool accept?

The tool accepts comma-separated lists of single port numbers (e.g., '22') and hyphenated ranges (e.g., '8080-8090'). Mixed expressions like '22, 80, 443, 8080-8090, 9000-9100' are fully supported. Whitespace around commas and hyphens is ignored.

What is the difference between merge and compression?

Compression converts a flat list of individual port numbers into the shortest hyphenated range notation. Merge operates on a set of range expressions and consolidates overlapping or adjacent ranges into the fewest possible ranges — for example, '100-200, 150-300, 301-400' becomes '100-400'.

What are Well-Known, Registered, and Ephemeral ports?

IANA divides the 0–65535 port space into three categories: Well-Known ports (0–1023) are assigned to standard protocols like HTTP (80), HTTPS (443), and SSH (22) and require root/admin privileges to bind. Registered ports (1024–49151) are used by application services like MySQL (3306) and Redis (6379). Ephemeral ports (49152–65535) are dynamically assigned by the OS for outbound client connections.

How does the firewall rule generator work?

After calculating your port ranges the tool generates ready-to-paste snippets for iptables (using -m multiport --dports), nftables (using dport { }), and firewalld XML (<port> elements). Note that iptables multiport supports a maximum of 15 entries; a warning is shown if your ranges exceed that limit.

Are there any limits on the number of ports I can calculate?

The tool can handle the entire TCP/UDP port space (0–65535, i.e., 65,536 ports). Expansion of very large ranges (e.g., the entire ephemeral range) will produce a long list, so the display is capped at 500 individual ports with a note showing the full count. There is no limit on the number of ranges in the input expression.