01 Jan 2011, 14:50

IPTables Passive FTP Connection Tracking on non-standard ports


Ever tried to run a Linux FTP server behind an IPTables firewall on non-standard ports, i.e. not on port 21?

The problem is that the FTP connection tracking module nf_conntrack_ftp only watches port 21. If you want to use other ports the module must be loaded with the parameter


if you want to run an FTP server on port 21 and one on port 5367. The usual other iptables rules apply, too.
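The setup described above, as an added example that is not part of the original post: it prints, without applying, the commands for the two ports named in the text, using the module's `ports` parameter. The function names, the `/etc/modprobe.d/nf_conntrack_ftp.conf` file name, the `INPUT` chain rules and the explicit `CT --helper` binding (needed on kernels that do not assign helpers automatically) are assumptions of this example.

```shell
#!/bin/sh
# Added example: prints (does not apply) the commands for FTP connection
# tracking on the given control ports. Review the output, then run it as root.

# valid_port PORT -> exit status 0 if PORT is a decimal integer in 1..65535
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] 2>/dev/null
}

# ftp_helper_commands PORT... -> commands on stdout, non-zero on a bad port
ftp_helper_commands() {
    [ "$#" -ge 1 ] || { echo "usage: ftp_helper_commands PORT..." >&2; return 2; }
    list=""
    for p in "$@"; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
        list="${list:+$list,}$p"
    done

    # Load the helper with the full list; port 21 must be listed explicitly,
    # because the parameter replaces the default instead of extending it.
    echo "modprobe nf_conntrack_ftp ports=$list"
    # Persist the parameter for later loads (file name is an assumption).
    echo "echo 'options nf_conntrack_ftp ports=$list' > /etc/modprobe.d/nf_conntrack_ftp.conf"

    for p in "$@"; do
        # Explicit helper binding for kernels without automatic assignment.
        echo "iptables -t raw -A PREROUTING -p tcp --dport $p -j CT --helper ftp"
        # Allow new control connections on this port only.
        echo "iptables -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Passive data connections announced on a tracked control channel are RELATED.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Ports from the text: one server on 21, one on 5367.
ftp_helper_commands 21 5367
```

Keeping the port list as short as possible limits where the helper parses control traffic and therefore where it can open RELATED data ports through the firewall.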