I am using firewalling of port 21.
3 chain=forward src-address=10.0.0.0/8 dst-address=10.0.0.0/8 protocol=tcp
dst-port=21 time=0s-2h,sat,fri,thu,wed,tue,mon,sun action=drop
But, what if someone changes port on ftp server, to lets say port 58 or something?
Is there a way to block FTP in a way like P2P is handled, so that port configuration of FTP server is not relevant?