diff --git a/vsftpd-2.0.4-conf.diff b/vsftpd-2.0.4-conf.diff
index 7b4a969..a3ad890 100644
--- a/vsftpd-2.0.4-conf.diff
+++ b/vsftpd-2.0.4-conf.diff
@@ -259,5 +259,5 @@
 +ssl_enable=NO
  
 +# Limit passive ports to this range to assis firewalling
-+pasv_min_port=1024
-+pasv_max_port=2024
++pasv_min_port=30000
++pasv_max_port=30100
diff --git a/vsftpd.changes b/vsftpd.changes
index e2bd49f..5049931 100644
--- a/vsftpd.changes
+++ b/vsftpd.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Sep 15 14:52:05 CEST 2008 - hvogel@suse.de
+
+- limit port range for passv to 30000:30100 to assist firewalling
+  [bnc#420671]
+
 -------------------------------------------------------------------
 Mon Sep  8 15:30:43 CEST 2008 - hvogel@suse.de
 
diff --git a/vsftpd.firewall b/vsftpd.firewall
index c550039..8ed4b63 100644
--- a/vsftpd.firewall
+++ b/vsftpd.firewall
@@ -2,7 +2,7 @@
 ## Description: Opens ports for vsftpd Server.
 
 # space separated list of allowed TCP ports
-TCP="ftp 1024:2024"
+TCP="ftp 30000:30100"
 
 # space separated list of allowed UDP ports
 UDP=""
diff --git a/vsftpd.spec b/vsftpd.spec
index 6269ee8..cda5031 100644
--- a/vsftpd.spec
+++ b/vsftpd.spec
@@ -26,7 +26,7 @@ BuildRequires:  libcap
 BuildRequires:  libcap-devel
 %endif
 Version:        2.0.7
-Release:        1
+Release:        4
 Summary:        Very Secure FTP Daemon - Written from Scratch
 License:        GPL v2 or later
 Group:          Productivity/Networking/Ftp/Servers
@@ -138,6 +138,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
 
 %changelog
+* Mon Sep 15 2008 hvogel@suse.de
+- limit port range for passv to 30000:30100 to assist firewalling
+  [bnc#420671]
 * Mon Sep 08 2008 hvogel@suse.de
 - version 2.0.7
   * Fix man page typo