Yes, but port 20 is normally used as remote port for the ftp-data
connection going to that local (negotiated) port. So that's why you
will normally see it listed using ipfwadm -Mln.
> you can *NEVER* ftp through a "closed" firewall except when using
> passive mode, see the PASV command, part of the ftp-protocoll.
This depends on your definition of a "closed" firewall. The special
treatment of the FTP PORT command *does* allow you to use it in
combination with IP masquerading, *without* using passive mode.
-- -- Jos Vos <firstname.lastname@example.org> -- X/OS Experts in Open Systems BV | Phone: +31 20 6938364 -- Amsterdam, The Netherlands | Fax: +31 20 6948204