Specifying ports for passive FTP

Normally when you connect to a FTP server through passive mode, the server will randomly select a port to use. You can specify a more finite range for the server to use if you like in either vsftpd or proftpd. Here’s how:




PassivePorts 22800 23000

The reason you would want to do this would be to open up your firewall for a limited range of ports:

iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 22800:23000 -j ACCEPT

