Cadiolis
10-11-2000, 02:40 PM
I'm trying to get a firewall to allow access to an ftp behind it and have almost got it. I used to get a 'connection refused' message but have added another rule and now it seems to stop when trying to list the remote directory. My current rules are as follows (from http://www.linux-firewall-tools.com):
# FTP (20, 21) - Allowing Incoming Access to Your Local FTP Server
# ----------------------------------------------------------------
# incoming request
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \
-s $ANYWHERE $UNPRIVPORTS \
-d $IPADDR 21 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s $IPADDR 21 \
-d $ANYWHERE $UNPRIVPORTS -j ACCEPT
# Normal Port Mode FTP Data Channel Responses
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
-s $IPADDR 20 \
-d $ANYWHERE $UNPRIVPORTS -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s $ANYWHERE $UNPRIVPORTS \
-d $IPADDR 20 -j ACCEPT
Port forwarding rule:
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTERNAL_INTERFACE 21 -R 192.168.1.4 21
Am I missing something? I really need to get this ftp up for school. Thanks in advance.
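An added example, not part of the original post: a small model of the four ipchains rules quoted above, run against constructed FTP packets to show which control-channel and data-channel packets that rule set accepts. It assumes UNPRIVPORTS is 1024:65535 and a deny policy for unmatched packets (neither is stated in the post), and it models only the rules' chain, port and SYN (`-y`) matching, not the portfw forwarding.

```python
from collections import namedtuple

# Assumptions (not stated in the post): UNPRIVPORTS is 1024:65535 and the
# chain policy is deny, so a packet that no rule matches is dropped.
UNPRIV = range(1024, 65536)

# syn=True means a connection-opening packet (SYN set, ACK clear), which is
# what ipchains' -y flag matches.
Packet = namedtuple("Packet", "chain sport dport syn")

# (chain, port on $IPADDR, SYN constraint) for the four quoted rules.
# None = the rule has no -y test; False = "! -y" (opening SYNs not matched).
RULES = [
    ("input", 21, None),    # incoming request to the control port
    ("output", 21, False),  # control-channel replies
    ("output", 20, None),   # port-mode data connection opened from port 20
    ("input", 20, False),   # client's non-SYN packets back to port 20
]

def accepted(pkt):
    """Return True if any of the four quoted rules accepts the packet."""
    if pkt.chain == "input":
        local, remote = pkt.dport, pkt.sport
    else:
        local, remote = pkt.sport, pkt.dport
    for chain, port, syn in RULES:
        if chain == pkt.chain and local == port and remote in UNPRIV:
            if syn is None or syn == pkt.syn:
                return True
    return False

# Constructed sample packets for one FTP session (ports are made up).
SAMPLES = {
    "control SYN from client": Packet("input", 40000, 21, True),
    "control reply from server": Packet("output", 21, 40000, False),
    "port-mode data SYN from port 20": Packet("output", 20, 40001, True),
    "port-mode data ACK from client": Packet("input", 40001, 20, False),
    "passive-mode data SYN to high port": Packet("input", 40002, 50000, True),
}

def evaluate():
    """Map each sample packet's description to the rule set's verdict."""
    return {name: accepted(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, ok in evaluate().items():
        print(("ACCEPT" if ok else "DENY  "), name)
```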