SFTP is all tunneled over SSH, which removes the need for such NAT hacks. Past experience has dictated that any sort of NAT considerations for FTP aren't likely to be implemented given that FTP is a cleartext protocol that transmits usernames and passwords unprotected. As for the the firewall rules, "implicit" implies that it's an unspecified behavior, which is not the case. Yes, there's a default allow rule, but it's very much explicit.
... View more
