Add macro for backup servers

minifirewall

@@ -85,6 +85,7 @@ SSHOK=''
 SMTPOK=''
 SMTPSECUREOK=''
 NTPOK=''
+BACKUPSERVERS=''
 
 legacy_config_file="/etc/firewall.rc"
 config_file="/etc/default/minifirewall"
@@ -405,6 +406,18 @@ start() {
         ${IPT} -A OUTPUT -o ${INT} -p udp -d ${src} --dport 123 --match state --state NEW -j ACCEPT
     done
 
+    # Output for backup servers
+    for server in ${BACKUPSERVERS}; do
+        server_ip=$(echo "${server}" | cut -d ':' -f1)
+        server_port=$(echo "${server}" | cut -d ':' -f2)
+        if [ -n "${server_ip}" ] && [ -n "${server_port}" ]; then
+            ${IPT} -A INPUT -p tcp --sport "${server_port}" --dport 1024:65535 -s "${server_ip}" -m state --state ESTABLISHED,RELATED -j ACCEPT
+        else
+            echo "Unrecognized syntax for BACKUPSERVERS '${server}\`. Use space-separated IP:PORT tuples." >&2
+            exit 1
+        fi
+    done
+
     # Always allow ICMP
     ${IPT} -A INPUT -p icmp -j ACCEPT
     if is_ipv6_enabled; then

minifirewall.conf

@@ -78,6 +78,10 @@ SMTPSECUREOK=''
 NTPOK='0.0.0.0/0'
 
 
+# Backup servers
+# (add IP:PORT for each one, example: '192.168.10.1:1234 192.168.10.2:5678')
+BACKUPSERVERS=''
+
 # Includes
 #####################