In some email I received from Jun-ichiro itojun Hagino, sie wrote:
> 	what is the meaning of ippr_ftp_insecure in ip_ftp_pxy.c?
> 	it looks that, depending on the variable, the ftp proxy module
> 	changes behavior against PORT command rewriting.
> 	the variable name makes me wonder what is it, and who/from whom
> 	does it try to protect what.
> 
> 	- if the variable is set to 1, PORT command will be rewritten
> 	  independent of login status of client - even if USER/PASS is
> 	  not issued, PORT command will be rewritten.
> 	- if the variable is set to 1, PORT command will be rewritten
> 	  only after successful ftp login.

It forces a login to the ftp server so you just can't start issuing
PORT commands to scan ports.

Darren