disable firewall ? the real problem with FTP is that service sends all data in clear text. If you allow only FTP service ...imho it is a poor protection. SeLinux is a good start. What about chroot all ftp users ?
On SUSE I would use a good ftpd, try AppArmor, leave that firewall on and only allow the required ports and maybe also use TCP_wrappers (it can't hurt).