In this sequence we will install FTP service and will setup it in some different ways. You should install package on your machine. Look at /etc/services for service ftp, and also open port in firewall for it. It should be 21. Start service when machine boots.

[root@security1 ~]# yum -y install vsftpd

After this you setup system for active mod. If you want to setup it for passive mod you should include line

IPTABLES_MODULES="ip_conntrack_ftp"

in /etc/sysconfig/iptables-config. Run modprobe ip_conntrack_ftp so kernel load properly module. After this you should telnet now on machine.

[root@security2 ~]# telnet security1 21
...
USER ftp
...
PASS root@setenforce.com
...
PASV
227 Entering Passive Mode (192,168,0,120,141,197)

I want to stop for a while here. You need to calculate port number for next session. So you should do next 256*141+197=36293. In another window start next

[root@security2 ~]# telnet security1 36293

When you do LIST in first window you will see content of directory in another window. OK, now we will try active connection. In firs window do next:

PORT 192,168,0,20,141,197

as you can see 192,168,0,20 would be source (initialize) telnet command, and 141,197 we got from PASV command. Now in another window we will start

[root@security2 ~]# nc -l 36293

and if we do LIST in first window, we will see content of directory in second terminal. Conclusion after all of this is: PORT stay active and after sending command, and PASV brake up after any command