apf -a 173.204.85.217;apf -a 173.248.147.18;apf -a 72.46.130.42;apf -a 212.84.74.156; apf -a 94.46.240.121; apf -a 84.246.230.247

iptables -I INPUT -p tcp -s IP_Address -j ACCEPT

Getting the following error while trying to restart csf in my VPS .

root@a24uall [/etc/csf]# csf -r
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under ‘A note about FTP Connection Issues’ on how to do this if you have not already done so.
root@a24uall  [/etc/csf]#

Solution :  IF we dont have node access we need to change the settings in VPS itself

Check if its Pure FTP or Pro FTP and add the following line in the conf file.

vi /etc/pure-ftpd.conf
PassivePortRange 30000 35000

vi /etc/proftpd.conf
PassivePortRange 30000 35000

vi /etc/csf/csf.conf
# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,30000:35000″

If you see this error while restarting iptables then in place of csf step use :

iptables -A INPUT -p tcp –dport 30000:35000 -j ACCEPT

service iptables stop
service iptables start
/etc/init.d/iptables status

Open a Port using Iptables

iptables -A INPUT -p tcp –dport portnumber -j ACCEPT

iptables -A OUTPUT -p tcp –sport portnumber -j ACCEPT

Allow an IP address using IP tables

iptables -I INPUT -p tcp -s IP_Address -j ACCEPT

/etc/init.d/apf restart

iptables -nL | grep IP