Specifying ports for passive FTP

Normally, when you connect to an FTP server in passive mode, the server randomly selects a port for the data connection. You can restrict the server to a narrower range of ports in either vsftpd or proftpd. Here’s how:

vsftpd:

pasv_min_port=22800
pasv_max_port=23000

proftpd:

PassivePorts 22800 23000

The reason to do this is so that you can open your firewall for only a limited range of ports:

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22800:23000 -j ACCEPT
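
A quick consistency check for the settings above, as an added example that is not part of the original post: it reads the passive range from the server configuration and the --dport range from a firewall rule, then reports whether the firewall covers exactly the ports the server will use. The function names and the second, narrower rule are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are illustrative.

# Print "MIN MAX" from vsftpd.conf text on stdin.
vsftpd_range() {
    awk -F= '
        /^[ \t]*#/ { next }
        { gsub(/[ \t\r]/, "", $1); gsub(/[ \t\r]/, "", $2) }
        $1 == "pasv_min_port" { min = $2 }
        $1 == "pasv_max_port" { max = $2 }
        END { if (min != "" && max != "") print min, max }'
}

# Print "MIN MAX" from proftpd.conf text on stdin.
proftpd_range() {
    awk '$1 == "PassivePorts" { min = $2; max = $3 }
         END { if (min != "" && max != "") print min, max }'
}

# Print "MIN MAX" from the --dport argument of an iptables rule on stdin.
iptables_range() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "--dport") {
               n = split($(i + 1), p, ":")
               print p[1], (n > 1 ? p[2] : p[1]); exit } }'
}

# compare_ranges "SRV_MIN SRV_MAX" "FW_MIN FW_MAX"
compare_ranges() {
    set -- $1 $2                      # split both pairs into $1..$4
    [ $# -eq 4 ] || { echo missing; return; }
    if [ "$3" -gt "$1" ] || [ "$4" -lt "$2" ]; then
        echo too-narrow               # some passive ports are still blocked
    elif [ "$3" -lt "$1" ] || [ "$4" -gt "$2" ]; then
        echo too-wide                 # firewall opens ports the server never uses
    else
        echo match
    fi
}

# Values from the post, plus one constructed rule that is too narrow.
VSFTPD_CONF='pasv_min_port=22800
pasv_max_port=23000'
PROFTPD_CONF='PassivePorts 22800 23000'
RULE='iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22800:23000 -j ACCEPT'
NARROW_RULE='iptables -A INPUT -p tcp --dport 22800:22900 -j ACCEPT'

srv=$(printf '%s\n' "$VSFTPD_CONF" | vsftpd_range)
echo "post rule:   $(compare_ranges "$srv" "$(printf '%s\n' "$RULE" | iptables_range)")"
echo "narrow rule: $(compare_ranges "$srv" "$(printf '%s\n' "$NARROW_RULE" | iptables_range)")"
```

To run it against a live system, pipe the real configuration file and the matching line of your saved ruleset into the same functions.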