rc.firewall rule for passive FTP from FTP server side

Mikhael Y Danilenko mikexplorer at mail.ru
Thu Sep 7 22:15:01 PDT 2006


Hi, Noah.


N> ---- snip ----
N>         #/** Allow setup of FTP PASSIVE **/
N>         ${fwcmd} add allow tcp from ${ip} to any 1024-65534 keep-state
N>         ${fwcmd} add allow tcp from ${ip} to any 21 keep-state
N> --- snip ----

My FTP server runs as an FTP server and client (for downloading software),
and my ipfw rules:

# Allow setup of incoming ftp
${fwcmd} add pass tcp from any to ${ip} 21 setup keep-state
${fwcmd} add pass tcp from any to ${ip} 49152-65535 setup keep-state

# Allow setup of outgoing TCP connections only
${fwcmd} add pass tcp from ${ip} to any setup keep-state




