Hi On my router/firewall which acting i am getting problem while anyone tries to connect to ftp server he connected successfully however when he types and command for example "ls" ftp server return error "500 Illegal PORT range rejected" Everything else is working fine. default policies are drop iptables --policy INPUT DROP iptables --policy FORWARD DROP iptables --policy OUTPUT DROP . . . iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.0.0/24 -d 0/0 -j MASQUERADE#iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT For FTP access.. iptables -A FORWARD -o ppp0 -p tcp -m multiport --dport 20,21 -m state --state NEW -j ACCEPT I understand that FTP server will also in return open a port on my side and this is what causing problem. However I don't know which chain and what rule to make for this to solve this problem. :) I any quick help in this regard will be greatly appreciated :D Regards Askar