In-kernel ipfw NAT and port ranges

From: Bas v.d. Wiel <bas_at_area536.com>
Date: Sat, 07 Oct 2023 10:30:45 UTC

Hello all,

After an hour of googling I turned up empty so I decided to post here. 
I'm running a server with a single IPv4 address and a number of VNET 
jails. The jails all have RFC1918 addresses and are connected to a 
bridge. Pretty standard stuff and everything works, including individual 
port redirection.

The problem now: passive FTP. I would like to NAT a range of high ports 
to an FTP jail on the inside. The jail lives at 10.20.0.17 and runs a 
low traffic anonymous FTP server for public use. Configuring the NAT to 
redirect ports 20 and 21 there individually works just fine. In order to 
also forward ports 63000-65000 there (the passive high-port range as 
configured on the FTP server), I run into errors when trying to use 
redirect_port with a range.

So this part of the NAT config works fine:

redirect_port tcp 10.20.0.17:21 21

While this bit runs into errors:

redirect_port tcp 10.20.0.17:63000-65000 63000-65000

I looked at the source code and it seems that the in-kernel NAT indeed 
doesn't permit passing in port ranges for redirection. Is this true? And 
if so, what would my options be? I'm trying to run as few services as 
possible on the host itself, so I'd prefer to not run FTP proxies on 
there unless that really is the best way forward. My other option seems 
to be natd.

Any help or insights would be much appreciated!

Bas
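
An added example that is not part of the original post: a workaround for the reported range error that stays with in-kernel NAT and avoids running natd or an FTP proxy on the host. It emits one redirect_port entry per passive port, which the post says works for single ports, and generates the ipfw commands instead of running them so they can be reviewed first. The external interface em0, NAT instance 1 and the narrowed passive range 63000-63100 are assumptions for illustration; the jail address 10.20.0.17 is the one from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Works around the reported
# redirect_port range error by emitting one redirect_port entry per passive
# port, which the post says works for single ports. Assumptions (hypothetical):
# external interface em0, NAT instance 1, FTP jail 10.20.0.17, and a passive
# range narrowed to 63000-63100 so the number of entries stays small.

FTP_JAIL=10.20.0.17
EXT_IF=em0
NAT_ID=1
PASV_LO=63000
PASV_HI=63100

# Emit redirect_port arguments for control port 21 plus each passive port.
# Port 20 is only the source port of outbound active-mode data connections,
# so it needs no inbound redirect.
ftp_redirects() {
    lo=$1; hi=$2; jail=$3
    printf 'redirect_port tcp %s:21 21 ' "$jail"
    p=$lo
    while [ "$p" -le "$hi" ]; do
        printf 'redirect_port tcp %s:%d %d ' "$jail" "$p" "$p"
        p=$((p + 1))
    done
}

# Number of redirect_port entries emitted (control port + passive ports).
count_redirects() {
    ftp_redirects "$1" "$2" "$3" | tr ' ' '\n' | grep -c '^redirect_port$'
}

# Full 'ipfw nat N config' command line for the given range.
build_nat_cmd() {
    lo=$1; hi=$2; jail=$3; ifname=$4; natid=$5
    printf 'ipfw nat %s config if %s same_ports %s\n' \
        "$natid" "$ifname" "$(ftp_redirects "$lo" "$hi" "$jail")"
}

# Rule that hands traffic on the external interface to the NAT instance;
# the passive ports must also be allowed through the host firewall rules.
build_rules() {
    natid=$1; ifname=$2
    printf 'ipfw add 100 nat %s ip from any to any via %s\n' "$natid" "$ifname"
}

# Print the commands instead of running them so they can be reviewed first.
build_nat_cmd "$PASV_LO" "$PASV_HI" "$FTP_JAIL" "$EXT_IF" "$NAT_ID"
build_rules "$NAT_ID" "$EXT_IF"
```

Two things to check on the FTP side: the daemon in the jail must be configured with exactly the same passive range, and it must advertise the host's public address in its PASV replies, otherwise clients are told to connect to 10.20.0.17. Every port in the range becomes reachable from the Internet, so keep the range as small as the expected number of concurrent data connections allows.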