LinuxQuestions.org

Linux - Security: Problem w/ iptables...works most of the time but not always. (https://www.linuxquestions.org/questions/linux-security-4/problem-w-iptables-works-most-of-the-time-but-not-always-501913/)

bitpail 12-11-2006 03:17 PM

The command was run on the box with vsftpd running on it. There are no stupid questions; many times it's the stupid questions that solve the problem.

Could it have anything to do with the following settings?

pasv_enable=YES
pasv_promiscuous=YES
port_promiscuous=YES

I know that they don't recommend using the promiscuous modes, could this be what is causing the problems? Could it be the passive connection being allowed? Again I'm pretty new at this stuff so I'm taking some shots in the dark here.
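The three settings quoted above are the ones worth auditing. In vsftpd, pasv_promiscuous=YES turns off the check that a PASV data connection comes from the same IP as the control connection, and port_promiscuous=YES turns off the check that a PORT command points back at the client itself; both default to NO. Separately, passive mode with no pasv_min_port/pasv_max_port picks data ports from the whole ephemeral range, which is the usual reason iptables rules for FTP appear to work "most of the time". The script below is an added example, not code from this thread or from the vsftpd project: it audits a vsftpd.conf for those settings, writes a hardened version, and prints the iptables rules a fixed passive range needs. The sample config, the 50000-50100 range and the rule shapes are constructed assumptions to adapt to your host.

```shell
#!/bin/sh
# Added example (not from the thread): audit vsftpd.conf for the risky
# settings discussed, and print iptables rules for a fixed passive range.
# Nothing here applies rules; the iptables lines are only printed.

# Constructed sample config mirroring the thread's settings (assumption).
write_sample_conf() {
    cat > "$1" <<'EOF'
listen=YES
pasv_enable=YES
pasv_promiscuous=YES
port_promiscuous=YES
EOF
}

# Hardened form: both promiscuous checks re-enabled (vsftpd default) and a
# narrow passive port range (50000-50100 is a constructed choice).
write_hardened_conf() {
    cat > "$1" <<'EOF'
listen=YES
pasv_enable=YES
pasv_promiscuous=NO
port_promiscuous=NO
pasv_min_port=50000
pasv_max_port=50100
EOF
}

# Value of a key in a vsftpd.conf; the last definition wins, as in vsftpd.
conf_get() {
    grep -E "^[[:space:]]*$2=" "$1" | tail -n 1 | cut -d= -f2- | tr -d '[:space:]'
}

# Returns 0 when the config passes, 1 otherwise, printing each finding.
audit_vsftpd_conf() {
    conf="$1"; rc=0
    for key in pasv_promiscuous port_promiscuous; do
        if [ "$(conf_get "$conf" "$key")" = "YES" ]; then
            printf 'RISK: %s=YES disables the check that data connections belong to the control-connection client\n' "$key"
            rc=1
        fi
    done
    if [ "$(conf_get "$conf" pasv_enable)" = "YES" ]; then
        min=$(conf_get "$conf" pasv_min_port)
        max=$(conf_get "$conf" pasv_max_port)
        # vsftpd treats an absent or 0 bound as "any port".
        if [ -z "$min" ] || [ -z "$max" ] || [ "$min" = 0 ] || [ "$max" = 0 ]; then
            printf 'RISK: pasv_enable=YES without pasv_min_port/pasv_max_port; data ports are unpredictable, so no narrow firewall rule can cover them\n'
            rc=1
        fi
    fi
    return $rc
}

# Print (do not apply) INPUT rules for control port 21 plus the passive range.
# With the nf_conntrack_ftp helper loaded, the RELATED state also covers the
# data connections; the explicit range rule makes the policy work without it.
ftp_rules() {
    cat <<EOF
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT
iptables -A INPUT -p tcp --dport $1:$2 -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Stand-alone run: audit the weak config, then the hardened one.
if [ "${0##*/}" != "sh" ] && [ "${0##*/}" != "bash" ]; then
    tmp=$(mktemp)
    write_sample_conf "$tmp"
    echo "== weak config =="; audit_vsftpd_conf "$tmp" || true
    write_hardened_conf "$tmp"
    echo "== hardened config =="; audit_vsftpd_conf "$tmp" && echo "OK"
    echo "== rules =="; ftp_rules "$(conf_get "$tmp" pasv_min_port)" "$(conf_get "$tmp" pasv_max_port)"
    rm -f "$tmp"
fi
```

Run it as `sh audit_vsftpd.sh` (the file name is an assumption); point `audit_vsftpd_conf` at the real `/etc/vsftpd.conf` path on your box to check it. The audit deliberately treats a missing `pasv_min_port`/`pasv_max_port` as a finding because that, not the promiscuous flags, is what makes a firewall rule for FTP intermittently fail.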

win32sux 12-11-2006 04:01 PM

Quote:

Originally Posted by bitpail
The command was run on the box with vsftpd running on it. There are no stupid questions; many times it's the stupid questions that solve the problem.

Could it have anything to do with the following settings?

pasv_enable=YES
pasv_promiscuous=YES
port_promiscuous=YES

I know that they don't recommend using the promiscuous modes, could this be what is causing the problems? Could it be the passive connection being allowed? Again I'm pretty new at this stuff so I'm taking some shots in the dark here.

i think it could have something to do with it... it's my understanding that to filter packets in promiscuous mode you'd need to do so at layer 2 (MAC address, etc.)... but iptables works at layer 3 (although there is a MAC address match module)... but considering that packets coming from the Internet don't have MAC addresses i'm not sure how you'd go about it... but if this is indeed the way it works, then it would make sense for your iptables rules to have no effect... keep in mind i don't really know much if anything about this sort of stuff so you might wanna wait for someone more knowledgeable than me to chime in... that said, i don't think you'd have anything to lose by doing a test in non-promiscuous mode... who knows - your shot in the dark might be a direct hit... ;)
