diff --git a/cmd/apply.go b/cmd/apply.go
index 025b4ef..c6c43ba 100644
--- a/cmd/apply.go
+++ b/cmd/apply.go
@@ -41,11 +41,20 @@ var applyCmd = &cobra.Command{
 
 		var wg sync.WaitGroup
 		chErr := make(chan error, len(ruleSet.Rules))
+		chLimit := make(chan int, 10)
 		rulesFileIsValid := true
 
 		for _, rule := range ruleSet.Rules {
 			wg.Add(1)
-			go ipt.Validate(rule.Iface, rule.Proto, rule.Dport, rule.Saddr, rule.Sport, &wg, chErr)
+			// add slot to buffered channel
+			chLimit <- 1
+			go func(rule ipt.Rule, wg *sync.WaitGroup, chErr chan error, chLimit chan int) {
+				err := ipt.Validate(rule.Iface, rule.Proto, rule.Dport, rule.Saddr, rule.Sport)
+				wg.Done()
+				chErr <- err
+				// free slot from buffered channel
+				<-chLimit
+			}(rule, &wg, chErr, chLimit)
 		}
 		go func() {
 			wg.Wait()
diff --git a/pkg/iptables/forward.go b/pkg/iptables/forward.go
index ce0a8ec..8988da4 100644
--- a/pkg/iptables/forward.go
+++ b/pkg/iptables/forward.go
@@ -5,7 +5,6 @@ import (
 	"net"
 	"strconv"
 	"strings"
-	"sync"
 
 	"github.com/alegrey91/fwdctl/internal/extractor"
 )
@@ -59,10 +58,8 @@ func validateAddress(address string) error {
 	return nil
 }
 
-func Validate(iface string, proto string, dport int, saddr string, sport int, wg *sync.WaitGroup, errCh chan error) {
-	defer wg.Done()
-	err := validateForward(iface, proto, dport, saddr, sport)
-	errCh <- err
+func Validate(iface string, proto string, dport int, saddr string, sport int) error {
+	return validateForward(iface, proto, dport, saddr, sport)
 }
 
 // validateForward returns both bool and error.