move target/default/target_skeleton into package/base-files, put all the default files in ipkg packages, cleanup some junk in toolchain/, toolchain/ no longer changes build_mipsel/root

git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@1494 3c298f89-4303-0410-b956-a3cf2f4a3e73

package/base-files/default/etc/init.d/S10boot

@@ -0,0 +1,38 @@
+#!/bin/sh
+echo "S" > /proc/jffs2_bbc
+
+mkdir -p /var/run
+mkdir -p /var/log
+touch /var/log/wtmp
+touch /var/log/lastlog
+
+[ "$(nvram get il0macaddr)" = "00:90:4c:5f:00:2a" ] && {
+  # if default wifi mac, set two higher than the lan mac
+  nvram set il0macaddr=$(nvram get et0macaddr|
+  awk '{OFS=FS=":";for(x=7,y=2;--x;){$x=sprintf("%02x",(y+="0x"$x)%256);y/=256}print}')
+}
+
+# set up the vlan*ports variables for the asus wl-500g deluxe
+# if they don't already exist 
+[  "$(nvram get boardtype)" = "bcm95365r" \
+-a "$(nvram get boardnum)" = "45" \
+-a -z "$(nvram get vlan0ports)$(nvram get vlan1ports)" ] && {
+	nvram set vlan0ports="1 2 3 4 5*"
+	nvram set vlan1ports="0 5"
+}
+
+sed 's/^[^#]/insmod &/' /etc/modules /etc/modules.d/* 2>&-|ash
+
+ifconfig lo 127.0.0.1 up
+ifconfig eth0 promisc
+
+HOSTNAME=$(nvram get wan_hostname)
+HOSTNAME=${HOSTNAME%%.*}
+echo ${HOSTNAME:=OpenWrt}>/proc/sys/kernel/hostname
+
+vconfig set_name_type VLAN_PLUS_VID_NO_PAD
+
+# automagically run firstboot
+[ -z "$FAILSAFE" ] && {
+	{ mount|grep "on / type jffs2" 1>&-; } || firstboot
+}

package/base-files/default/etc/init.d/S40network

@@ -0,0 +1,14 @@
+#!/bin/sh
+case "$1" in
+  start|restart)
+    ifup lan
+    ifup wan
+    ifup wifi
+    wifi up
+
+    for route in $(nvram get static_route); do {
+      eval "set $(echo $route | sed 's/:/ /g')"
+      $DEBUG route add -net $1 netmask $2 gw $3 metric $4 dev $5
+    } done
+    ;;
+esac

package/base-files/default/etc/init.d/S45firewall

@@ -0,0 +1,92 @@
+#!/bin/sh
+
+## Please make changes in /etc/firewall.user
+
+. /etc/functions.sh
+WAN=$(nvram get wan_ifname)
+LAN=$(nvram get lan_ifname)
+
+## CLEAR TABLES
+for T in filter nat mangle; do
+  iptables -t $T -F
+  iptables -t $T -X
+done
+
+iptables -N input_rule
+iptables -N output_rule
+iptables -N forwarding_rule
+
+iptables -t nat -N prerouting_rule
+iptables -t nat -N postrouting_rule
+
+### INPUT
+###  (connections with the router as destination)
+
+  # base case
+  iptables -P INPUT DROP
+  iptables -A INPUT -m state --state INVALID -j DROP
+  iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+  iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j  DROP
+
+  #
+  # insert accept rule or to jump to new accept-check table here
+  #
+  iptables -A INPUT -j input_rule
+
+  # allow
+  iptables -A INPUT -i \! $WAN	-j ACCEPT	# allow from lan/wifi interfaces 
+  iptables -A INPUT -p icmp	-j ACCEPT	# allow ICMP
+  iptables -A INPUT -p gre	-j ACCEPT	# allow GRE
+
+  # reject (what to do with anything not allowed earlier)
+  iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
+  iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
+
+### OUTPUT
+### (connections with the router as source)
+
+  # base case
+  iptables -P OUTPUT DROP
+  iptables -A OUTPUT -m state --state INVALID -j DROP
+  iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+
+  #
+  # insert accept rule or to jump to new accept-check table here
+  #
+  iptables -A OUTPUT -j output_rule
+
+  # allow
+  iptables -A OUTPUT -j ACCEPT		#allow everything out
+
+  # reject (what to do with anything not allowed earlier)
+  iptables -A OUTPUT -p tcp -j REJECT --reject-with tcp-reset
+  iptables -A OUTPUT -j REJECT --reject-with icmp-port-unreachable
+
+### FORWARDING
+### (connections routed through the router)
+
+  # base case
+  iptables -P FORWARD DROP 
+  iptables -A FORWARD -m state --state INVALID -j DROP
+  iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+  iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
+
+  #
+  # insert accept rule or to jump to new accept-check table here
+  #
+  iptables -A FORWARD -j forwarding_rule
+
+  # allow
+  iptables -A FORWARD -i br0 -o br0 -j ACCEPT
+  iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
+
+  # reject (what to do with anything not allowed earlier)
+  # uses the default -P DROP
+
+### MASQ
+  iptables -t nat -A PREROUTING -j prerouting_rule
+  iptables -t nat -A POSTROUTING -j postrouting_rule
+  iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
+
+## USER RULES
+[ -f /etc/firewall.user ] && . /etc/firewall.user

package/base-files/default/etc/init.d/S50dnsmasq

@@ -0,0 +1,27 @@
+#!/bin/sh
+. /etc/functions.sh
+
+# interface to use for DHCP
+iface=lan
+
+ifname=$(nvram get ${iface}_ifname)
+ipaddr=$(nvram get ${iface}_ipaddr)
+netmask=$(nvram get ${iface}_netmask)
+
+(
+	# check for existing DHCP server
+	udhcpc -n -q -R -s /dev/zero -i $ifname >&- || {
+
+	  ipaddr=$(ip2int $ipaddr)
+	  netmask=$(ip2int ${netmask:-255.255.255.0})
+	  network=$((ipaddr&netmask))
+	  
+	  start=$(nvram get dhcp_start)
+	  start=$((network+${start:-100}))
+	  end=$(nvram get dhcp_num)
+	  end=$((start+${end:-150}))
+	  
+	  args="-l /tmp/dhcp.leases -K -F $(int2ip $start),$(int2ip $end),$(int2ip $netmask),12h"
+	}
+	dnsmasq ${args}
+) &

package/base-files/default/etc/init.d/S50httpd

@@ -0,0 +1,2 @@
+#!/bin/sh
+httpd -p 80 -h /www -r WRT54G Router

package/base-files/default/etc/init.d/S50telnet

@@ -0,0 +1,2 @@
+#!/bin/sh
+telnetd -l /bin/login

package/base-files/default/etc/init.d/S99done

@@ -0,0 +1,4 @@
+#!/bin/sh
+# set leds to normal state
+echo "0x00" > /proc/sys/diag
+sysctl -p >&-

package/base-files/default/etc/init.d/rcS

@@ -0,0 +1,8 @@
+#!/bin/sh
+syslogd -C 16
+klogd
+${FAILSAFE:+telnetd -l /bin/login; ifup lan; exit}
+
+for i in /etc/init.d/S*; do
+  $i start 2>&1
+done | logger -s -p 6 -t '' &