Preventing FTP Access with ACL

in CCNA & CCENT
Can anyone please help - came across this question . .
How would you prevent FTP access to a host using only port numbers?
Would you have to code the following for both port numbers 20 and 21 or would just one of the FTP port numbers suffice?
access-list 101 deny tcp 172.16.00 0.0.255.255 any eq 20
access-list 101 deny tcp 172.16.00 0.0.255.255 any eq 21
access-list 101 permit ip any any
interface serial 0
ip access-group 101 in
Hope this makes sense - Many thanks
How would you prevent FTP access to a host using only port numbers?
Would you have to code the following for both port numbers 20 and 21 or would just one of the FTP port numbers suffice?
access-list 101 deny tcp 172.16.00 0.0.255.255 any eq 20
access-list 101 deny tcp 172.16.00 0.0.255.255 any eq 21
access-list 101 permit ip any any
interface serial 0
ip access-group 101 in
Hope this makes sense - Many thanks
Comments
this command blocks both port 20 and 21. However be carefull as people can use fpt through http passive mode which will use port 80 http for ftp access.
access-list 110 deny tcp any any eq 115