I have set up 3 VMware machines like this

machine A(client): 192.168.1.202/24(ens33)
machine B : 192.168.1.201/24(ens33)
: 192.168.2.2/29(ens33:1)
machine C(ftp) : 192.168.2.1/29(ens33)

I want A to access C through B
A->B->C

here are the commands I alr used on B:
sysctl net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp --dport 21 -j DNAT --to-destination 192.168.2.1
iptables -t nat -A POSTROUTING -j MASQUERADE

I am able to access the FTP using A, but I need to route the traffic from C back to A. Also open port 20, so that they can transfer data

when I try to use command "dir":
500 illegal port command
ftp: bind: address already in use

what are the other rules i should add in. beside that do i need modprobe ipconntrackftp & modprobe ipnatftp in this case?