Cannot get ProFTPD working

[kiav]

Plesk 12.5.30 WEB Admin Edition on CentOS 6.1
FileZilla 3.14.1 as a client.
External (white) fixed IPv4.

I get an error:

02:10:39   Status:   Resolving address of example.com
02:10:39   Status:   Connecting to 1.2.3.4:21...
02:10:39   Status:   Connection established, waiting for welcome message...
02:10:39   Status:   Initializing TLS...
02:10:40   Status:   Verifying certificate...
02:10:40   Status:   TLS connection established.
02:10:40   Status:   Connected
02:10:40   Status:   Retrieving directory listing...
02:11:00   Command:   PWD
02:11:00   Response:   257 "/" is the current directory
02:11:00   Command:   TYPE I
02:11:00   Response:   200 Type set to I
02:11:00   Command:   PORT 192,168,10,2,209,84
02:11:00   Response:   200 PORT command successful
02:11:00   Command:   MLSD
02:11:00   Error:   Connection timed out after 20 seconds of inactivity
02:11:00   Error:   Failed to retrieve directory listing

I never saw a directory listing.

In /var/log/messages:

Oct 26 01:47:38 mybirds xinetd[1917]: START: ftp pid=5662 from=::ffff:31.135.228.80
Oct 26 01:47:38 mybirds proftpd[5662]: processing configuration directory '/etc/proftpd.d'
Oct 26 01:47:38 mybirds proftpd[5662]: 127.0.0.1 (31.135.228.80[31.135.228.80]) - mod_delay/0.7: unable to open DelayTable '/var/proftpd.delay': No such file or directory
Oct 26 01:47:38 mybirds proftpd[5662]: 127.0.0.1 (31.135.228.80[31.135.228.80]) - FTP session opened.

I already tried to set up passive ports in Global section of /etc/proftpd.conf as told in KB:

PassivePorts 57000 58000

# lsmod | grep ftp
nf_nat_ftp  3443  0
nf_nat  22676  1 nf_nat_ftp
nf_conntrack_ftp  11953  1 nf_nat_ftp
nf_conntrack  79206  6 nf_nat_ftp,nf_nat,nf_conntrack_ftp,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state

And manually added all ports into iptables:

# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 57000:58000 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 990 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 20 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -p tcp --dport 21 -j ACCEPT

# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target  prot opt source  destination
1  ACCEPT  all  --  anywhere  anywhere  state RELATED,ESTABLISHED
2  ACCEPT  icmp --  anywhere  anywhere
3  ACCEPT  all  --  anywhere  anywhere
4  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ssh
5  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ftp
6  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ftp-data
7  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:ftps
8  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpts:57000:58000
9  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:http
10  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:https
11  ACCEPT  tcp  --  anywhere  anywhere  state NEW tcp dpt:pcsync-https
12  REJECT  all  --  anywhere  anywhere  reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target  prot opt source  destination
1  REJECT  all  --  anywhere  anywhere  reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target  prot opt source  destination

I even manualy reinstalled psa-proftpd.

What is the reason?

 

[kiav]

I found solution.

For sure I set passive ports acording admin guide (port range 49152:65534 and xinetd restart).
Then I forwarded port for active mode as told in FileZilla docs.

I guess that Active Mode is working for me.