This appendix describes some methods for configuring popular firewalls to support FTP communications. Most of these configuration guides/tips are user-provided and I am unable to test all of these recommendations. As always, be sure to do extensive research before implementing any of the recommendations here!
When using IPTables, you can use the state match along with the FTP conntrack helper to allow related FTP traffic, in this case the data connection. This means that you only need to open port 21 explicitly. The random data port will be opened automatically by the following rules (be sure to load the FTP connection tracker helper module first):
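# Load the FTP connection tracking helper (named nf_conntrack_ftp on newer kernels)
modprobe ip_conntrack_ftp
# Accept new FTP control connections arriving on the WAN interface ($WAN_IF)
iptables -A INPUT -i $WAN_IF -p tcp -m state --state NEW --dport 21 -j ACCEPT
# Accept established traffic and the RELATED data connections found by the helper
iptables -A INPUT -i $WAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT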
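The following Python example (added here; it is not code from this appendix, from iptables or from the kernel) models how an FTP connection tracking helper learns which random data port to treat as RELATED: it reads the control channel on port 21 and extracts the endpoint announced by PORT, 227 (PASV) and 229 (EPSV) messages. The function name, the sample addresses and the rule of ignoring announcements that name an address other than the control connection's own peer are assumptions of this model.

```python
import re

# Control-channel messages that announce where the data connection will go.
_PORT = re.compile(r"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\s*$")  # active, from client
_PASV = re.compile(r"^227 .*?(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")    # passive, from server
_EPSV = re.compile(r"^229 .*\(\|\|\|(\d+)\|\)")                       # extended passive


def expected_data_endpoint(line, client_ip, server_ip):
    """Return the (listener_ip, port) announced by one control-channel line.

    client_ip / server_ip are the two ends of the tracked port-21 connection.
    Returns None for lines that announce nothing, for malformed values, and
    for announcements naming a third-party address, so that a RELATED entry
    is only ever created between the two original peers (assumed policy).
    """
    m = _EPSV.match(line)
    if m:  # EPSV carries only a port; the listener is the server itself
        port = int(m.group(1))
        return (server_ip, port) if 0 < port < 65536 else None

    # PORT names a listener on the client, a 227 reply one on the server.
    for pattern, peer in ((_PORT, client_ip), (_PASV, server_ip)):
        m = pattern.match(line)
        if not m:
            continue
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            return None  # every field is a single byte
        ip = ".".join(str(n) for n in nums[:4])
        port = nums[4] * 256 + nums[5]  # port travels as two bytes: p1,p2
        if ip != peer or port == 0:
            return None
        return (ip, port)
    return None


if __name__ == "__main__":
    # Constructed sample lines using documentation address ranges.
    client, server = "198.51.100.7", "192.0.2.10"
    for sample in ("227 Entering Passive Mode (192,0,2,10,195,80).",
                   "PORT 198,51,100,7,4,1",
                   "229 Entering Extended Passive Mode (|||50001|)",
                   "227 Entering Passive Mode (10,0,0,5,195,80).",
                   "230 Login successful."):
        print(sample, "->", expected_data_endpoint(sample, client, server))
```

Because the data port is only discoverable by reading these messages in clear text, this mechanism cannot follow a control channel that is encrypted with TLS.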