I've been using the nf_conntrack_ftp module successfully (though rarely), but now I have to deal with TLS-encrypted FTP - this renders that helper useless and I would have to resort to opening the firewall statically, which I'd rather avoid.
Are there any generic nf_conntrack* modules that would work in this case? The scenario I'm interested in is if there is a connection to port 21/tcp, allow connection to any other port to that remote host.