Configuring the firewall to accept an application that updates an FTP site

I have an application that updates an FTP site. When I run it I get the following firewall event:
Windows operating system Blocked TCP ip… 20 ip… 5002
I have given “Windows operating system” application rules for an ftp client and this has solved the problem, but it does not seem to me to be a very secure solution. I have tried to give “ftp client” to WININET.DLL and to the update application - but this was not enough. The application is an MFC aplication that uses wininet. Have you any suggestion how to configure the firewall?

Firewalling ftp cannot be predicted as, moreover depending upon the fact that the connection is passive or active, random ports other then 20 and 21 can be invoked, and altough the algorithm to calculate these (not so) random ports would allow you at least to specify some port range.

I have no solution for ftp other then to set the firewall permissions to ask in order to check “who does what”, but such a behavior of course forbids scheduled actions like scripts on a ftp server.

Thanks Brucine - I do not know why I did not think about changing it to “ask” myself. In my case it is sufficient.