> It's been awhile since I had to play with FTP and IPTables, but there is an > optional kernel module for FTP connection tracking that you should look > into. Yes, I have both ip_conntrack_ftp and ip_conntrack loaded -- still seeing the same issue.