ok, i'm having a difficult time getting this working.  i've got an ftp server
sitting behind an IPFILTER box.

i've got this rule:

pass in quick proto tcp from any to 192.168.1.2/32 port 49152 >< 65535 flags S keep state

192.168.1.2 is a bimap to a public address.

and if i look on my ftp server (1.5.1 on an alpha) i see:

$ /sbin/sysctl -a | grep port
net.inet.ip.anonportmin = 49152
net.inet.ip.anonportmax = 65535

and i'm using stock NetBSD ftpd.  for some reason though passive ftp from the
outside still doesn't work.

am i overlooking something?

-brian