I was monitoring some ftp browsing and noticed that for each directory I clicked a new pasv command was sent to the ftp server.
This meant that a new tcp connection was created on a new port every time I requested a directory.
To ensure smooth browsing I have to allow a few new tcp connections per second in iptables.
Is this how the protocol was built, or do I have vsftpd set up wrong?