> I have several customer FTP sites hosted on ports other than
> 21 (ex: 2001, 2002, 2003 and so on)
>
> Right now, the only way they can work properly is if I open
> ports 1024 to 8000 for that machines so the ftp return ports
> are able to connect.

You would need virtual hosting I suppose, this is not a netfilter thing.

Reading this, you cannot use name-based virtual hosting with ftp:

http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-Vhost.html

It says this:

-------------
The definition of the File Transfer Protocol, unfortunately, does not (currently) support name-based virtual hosts, as HTTP1.1 supports.

....

The bottom line is that ProFTPD does not support name-based virtual hosts; not because they are not implemented, but simply because the protocol itself does not support them.
-------------

So, the only way to virtual host would be if you have multiple public IPs on which you run an ftp-site.

Gr,
Rob