by abbeyj 896 days ago
The FTP connection seems to be using active mode (PORT command). Does using passive mode (PASV command) help at all? This is usually the easiest fix for problems with FTP and firewalls, without having to reconfigure or poke holes in the firewall. I actually thought that most FTP clients had switched to passive mode by default to avoid this type of issue.

I tried. The logic analyzer doesn’t support PASV. I could only make it work by opening up all ports for the logic analyzer IP address. At least that was the case for Ubuntu 20.04; it worked out of the box for Ubuntu 18.04. I need to dig into that one day…
Since you're stuck using active FTP, maybe using nf_conntrack_ftp would help? I believe it is supposed to snoop the FTP connection, extract the port number from the PORT command, and then open only that port (from only that one IP) on the firewall. Of course since this is all on your LAN, just opening up all connections from the IP address is not really that dangerous and so anything more advanced might not be worth the effort.
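
Added example, not part of the comment above and not the kernel module's code: a simplified Python model of what an FTP connection-tracking helper does with an active-mode PORT command, turning it into a single expected data connection instead of an open port range. The names `Expectation`, `expect_from_port` and `allowed`, the sample addresses, and the rule that a PORT naming a different host is refused are assumptions of this model.

```python
import re
from typing import NamedTuple, Optional

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" sent by the client on the control channel.
PORT_RE = re.compile(rb"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n",
                     re.IGNORECASE)


class Expectation(NamedTuple):
    src_ip: str    # FTP server that will connect back for the data channel
    dst_ip: str    # client that sent PORT
    dst_port: int  # the one port the client asked the server to connect to


def expect_from_port(line: bytes, client_ip: str, server_ip: str) -> Optional[Expectation]:
    """Return the single data connection to allow, or None if the line is rejected."""
    m = PORT_RE.fullmatch(line)
    if not m:
        return None                      # not a PORT command (e.g. PASV, LIST)
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        return None                      # each field must fit in one octet
    ip = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]   # p1 is the high byte, p2 the low byte
    if ip != client_ip or port == 0:
        return None                      # PORT must name the sender itself
    return Expectation(server_ip, client_ip, port)


def allowed(exp: Optional[Expectation], src_ip: str, dst_ip: str, dst_port: int) -> bool:
    """Firewall decision for a new inbound connection, given the expectation."""
    return exp is not None and (src_ip, dst_ip, dst_port) == exp


if __name__ == "__main__":
    # Constructed sample: workstation 192.168.1.10 is the FTP client,
    # the device at 192.168.1.50 is the FTP server connecting back.
    exp = expect_from_port(b"PORT 192,168,1,10,195,80\r\n", "192.168.1.10", "192.168.1.50")
    print(exp)
    print(allowed(exp, "192.168.1.50", "192.168.1.10", 50000))  # expected data connection
    print(allowed(exp, "192.168.1.50", "192.168.1.10", 50001))  # any other port stays closed
```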