The more I think about it the more I wonder if I need to edit my iptables manually to do what I want.

On my home network, I have an Ubuntu server running vsftpd, using SSL. It works just fine inside my dd-wrt firewall. I can authenticate to it and upload and download files like a champ.

However, once I try doing this from outside the firewall, no joy. I am able to authenticate, but once the FTP client tries to LIST anything, it hangs indefinitely.

I have tried opening up high ports (like tens of thousands of them), but this hasn't changed anything.

I started looking around and noticing that some folks are editing their iptables manually to get around this issue using RELATED ports.

I am very much a networking novice, so I'd appreciate any help you can send my way.