milkyist-files: add uci config files for 703n

milkymist-files/data/m1/files/etc/config/dhcp

@@ -0,0 +1,27 @@
+
+config 'dnsmasq'
+	option 'domainneeded' '1'
+	option 'boguspriv' '1'
+	option 'filterwin2k' '0'
+	option 'localise_queries' '1'
+	option 'rebind_protection' '1'
+	option 'rebind_localhost' '1'
+	option 'local' '/lan/'
+	option 'domain' 'lan'
+	option 'expandhosts' '1'
+	option 'nonegcache' '0'
+	option 'authoritative' '1'
+	option 'readethers' '1'
+	option 'leasefile' '/tmp/dhcp.leases'
+	option 'resolvfile' '/tmp/resolv.conf.auto'
+
+config 'dhcp' 'lan'
+	option 'interface' 'lan'
+	option 'start' '100'
+	option 'leasetime' '12h'
+	option 'limit' '1'
+
+config 'dhcp' 'wan'
+	option 'interface' 'wan'
+	option 'ignore' '1'
+

milkymist-files/data/m1/files/etc/config/firewall

@@ -0,0 +1,141 @@
+
+config 'defaults'
+	option 'syn_flood' '1'
+	option 'input' 'ACCEPT'
+	option 'output' 'ACCEPT'
+	option 'forward' 'REJECT'
+
+config 'zone'
+	option 'name' 'lan'
+	option 'network' 'lan'
+	option 'input' 'ACCEPT'
+	option 'output' 'ACCEPT'
+	option 'forward' 'REJECT'
+
+config 'zone'
+	option 'name' 'wan'
+	option 'input' 'REJECT'
+	option 'output' 'ACCEPT'
+	option 'forward' 'REJECT'
+	option 'masq' '1'
+	option 'mtu_fix' '1'
+	option 'network' 'wan wwan'
+
+config 'forwarding'
+	option 'src' 'lan'
+	option 'dest' 'wan'
+
+config 'rule'
+	option 'name' 'Allow-DHCP-Renew'
+	option 'src' 'wan'
+	option 'proto' 'udp'
+	option 'dest_port' '68'
+	option 'target' 'ACCEPT'
+	option 'family' 'ipv4'
+
+config 'rule'
+	option 'name' 'Allow-Ping'
+	option 'src' 'wan'
+	option 'proto' 'icmp'
+	option 'icmp_type' 'echo-request'
+	option 'family' 'ipv4'
+	option 'target' 'ACCEPT'
+
+config 'rule'
+	option 'name' 'Allow-DHCPv6'
+	option 'src' 'wan'
+	option 'proto' 'udp'
+	option 'src_ip' 'fe80::/10'
+	option 'src_port' '547'
+	option 'dest_ip' 'fe80::/10'
+	option 'dest_port' '546'
+	option 'family' 'ipv6'
+	option 'target' 'ACCEPT'
+
+config 'rule'
+	option 'name' 'Allow-ICMPv6-Input'
+	option 'src' 'wan'
+	option 'proto' 'icmp'
+	list 'icmp_type' 'echo-request'
+	list 'icmp_type' 'destination-unreachable'
+	list 'icmp_type' 'packet-too-big'
+	list 'icmp_type' 'time-exceeded'
+	list 'icmp_type' 'bad-header'
+	list 'icmp_type' 'unknown-header-type'
+	list 'icmp_type' 'router-solicitation'
+	list 'icmp_type' 'neighbour-solicitation'
+	option 'limit' '1000/sec'
+	option 'family' 'ipv6'
+	option 'target' 'ACCEPT'
+
+config 'rule'
+	option 'name' 'Allow-ICMPv6-Forward'
+	option 'src' 'wan'
+	option 'dest' '*'
+	option 'proto' 'icmp'
+	list 'icmp_type' 'echo-request'
+	list 'icmp_type' 'destination-unreachable'
+	list 'icmp_type' 'packet-too-big'
+	list 'icmp_type' 'time-exceeded'
+	list 'icmp_type' 'bad-header'
+	list 'icmp_type' 'unknown-header-type'
+	option 'limit' '1000/sec'
+	option 'family' 'ipv6'
+	option 'target' 'ACCEPT'
+
+config 'include'
+	option 'path' '/etc/firewall.user'
+
+config 'zone'
+	option 'name' 'newzone'
+	option 'input' 'ACCEPT'
+	option 'forward' 'REJECT'
+	option 'network' ' '
+	option 'output' 'ACCEPT'
+
+config 'rule'
+	option 'target' 'ACCEPT'
+	option 'src' 'wan'
+	option 'dest_port' '22'
+	option 'name' 'ssh'
+	option 'family' 'ipv4'
+	option 'proto' 'tcp udp'
+
+config 'rule'
+	option 'target' 'ACCEPT'
+	option 'src' 'wan'
+	option 'dest_port' '80'
+	option 'name' 'web'
+	option 'family' 'ipv4'
+	option 'proto' 'tcp udp'
+
+config 'redirect'
+	option 'target' 'DNAT'
+	option 'src' 'wan'
+	option 'dest' 'lan'
+	option 'proto' 'tcp udp'
+	option 'src_dport' '4444'
+	option 'dest_ip' '192.168.42.100'
+	option 'dest_port' '4444'
+	option 'name' 'osc'
+
+config 'redirect'
+	option 'target' 'DNAT'
+	option 'src' 'wan'
+	option 'dest' 'lan'
+	option 'proto' 'tcp'
+	option 'src_dport' '21'
+	option 'dest_ip' '192.168.42.100'
+	option 'dest_port' '21'
+	option 'name' 'ftp'
+
+config 'redirect'
+	option 'target' 'DNAT'
+	option 'src' 'wan'
+	option 'dest' 'lan'
+	option 'proto' 'tcp udp'
+	option 'src_dport' '23'
+	option 'dest_ip' '192.168.42.100'
+	option 'dest_port' '23'
+	option 'name' 'telnet'
+

milkymist-files/data/m1/files/etc/config/network

@@ -0,0 +1,14 @@
+
+config 'interface' 'loopback'
+	option 'ifname' 'lo'
+	option 'proto' 'static'
+	option 'ipaddr' '127.0.0.1'
+	option 'netmask' '255.0.0.0'
+
+config 'interface' 'lan'
+	option 'ifname' 'eth0'
+	option 'type' 'bridge'
+	option 'proto' 'static'
+	option 'netmask' '255.255.255.0'
+	option 'ipaddr' '192.168.42.1'
+

milkymist-files/data/m1/files/etc/config/uhttpd

@@ -0,0 +1,84 @@
+# Server configuration
+config uhttpd main
+
+	# HTTP listen addresses, multiple allowed
+	list listen_http	0.0.0.0:80
+#	list listen_http	[::]:80
+
+	# HTTPS listen addresses, multiple allowed
+	list listen_https	0.0.0.0:443
+#	list listen_https	[::]:443
+
+	# Server document root
+	option home		/www
+
+	# Reject requests from RFC1918 IP addresses
+	# directed to the servers public IP(s).
+	# This is a DNS rebinding countermeasure.
+	option rfc1918_filter 1
+
+	# Certificate and private key for HTTPS.
+	# If no listen_https addresses are given,
+	# the key options are ignored.
+	option cert		/etc/uhttpd.crt
+	option key		/etc/uhttpd.key
+
+	# CGI url prefix, will be searched in docroot.
+	# Default is /cgi-bin
+	option cgi_prefix	/cgi-bin
+
+	# List of extension->interpreter mappings.
+	# Files with an associated interpreter can
+	# be called outside of the CGI prefix and do
+	# not need to be executable.
+#	list interpreter	".php=/usr/bin/php-cgi"
+#	list interpreter	".cgi=/usr/bin/perl"
+
+	# Lua url prefix and handler script.
+	# Lua support is disabled if no prefix given.
+#	option lua_prefix	/luci
+#	option lua_handler	/usr/lib/lua/luci/sgi/uhttpd.lua
+
+	# CGI/Lua timeout, if the called script does not
+	# write data within the given amount of seconds,
+	# the server will terminate the request with
+	# 504 Gateway Timeout response.
+	option script_timeout	60
+
+	# Network timeout, if the current connection is
+	# blocked for the specified amount of seconds,
+	# the server will terminate the associated
+	# request process.
+	option network_timeout	30
+
+	# TCP Keep-Alive, send periodic keep-alive probes
+	# over established connections to detect dead peers.
+	# The value is given in seconds to specify the
+	# interval between subsequent probes.
+	# Setting this to 0 will disable TCP keep-alive.
+	option tcp_keepalive	1
+
+	# Basic auth realm, defaults to local hostname
+#	option realm	OpenWrt
+
+	# Configuration file in busybox httpd format
+#	option config	/etc/httpd.conf
+
+
+# Certificate defaults for px5g key generator
+config cert px5g
+
+	# Validity time
+	option days		730
+
+	# RSA key size
+	option bits		1024
+
+	# Location
+	option country		DE
+	option state		Berlin
+	option location		Berlin
+
+	# Common name
+	option commonname	OpenWrt
+