The problem is that when I use these rules, for an unknown reason, iptables randomly drops the client's FTP passive connection (I get disconnected from the FileZilla FTP client) while the connection is still maintained on the server side.
This causes trouble because when FileZilla tries to resume the connection, errors are experienced on the server side, which already has a related connection in use.
Once I disable these NAT rules and configure my FTP server to listen on TCP port 21 and use TCP source port 20 (requires root permission), this issue disappears.
Moreover, regardless of iptables activation, FTPS transfers always work fine, as if iptables were not able to inspect encrypted traffic.
Have you ever come across this issue? Or does anyone have an idea about what's wrong?