OpenWrt network interface for wifi am: 86b522d3dd am: 75f21da26d am: 8d3b15c398 am: 34233c53bf

Original change: https://android-review.googlesource.com/c/platform/external/openwrt-prebuilts/+/1911017

Change-Id: Ib2f8d094beba64c0aad12418b9ca7bf2f5b4c810
diff --git a/x86/Android.bp b/x86/Android.bp
index 0385e1c..a477379 100644
--- a/x86/Android.bp
+++ b/x86/Android.bp
@@ -20,14 +20,17 @@
         "kmods/*",
         "packages/*",
         "uci-defaults/*",
+        "config/*",
     ],
     out: ["customization.img"],
     cmd: "mkdir -p $(genDir)/root/upper/etc/uci-defaults && " +
          "mkdir -p $(genDir)/root/upper/ipks && " +
+         "mkdir -p $(genDir)/root/upper/etc/config && " +
          "cp $(in) $(genDir)/ && " +
          "mv $(genDir)/*.ipk $(genDir)/root/upper/ipks && " +
          "mv $(genDir)/LICENSE $(genDir)/HOW_TO_GET_SOURCE_CODE $(genDir)/root/upper && " +
-         "mv $(genDir)/0_network_config $(genDir)/root/upper/etc/uci-defaults && " +
+         "mv $(genDir)/0_default_config $(genDir)/root/upper/etc/uci-defaults && " +
+         "find $(genDir) -maxdepth 1 -type f -exec mv {} $(genDir)/root/upper/etc/config \\; && " +
          "ln -s 2 $(genDir)/root/.fs_state && " +
          "truncate -s 128M $(out) && " +
          "$(location make_f2fs) $(out) && " +
diff --git a/x86/config/dhcp b/x86/config/dhcp
new file mode 100644
index 0000000..e93f8f6
--- /dev/null
+++ b/x86/config/dhcp
@@ -0,0 +1,46 @@
+config dnsmasq
+	option domainneeded '1'
+	option boguspriv '1'
+	option filterwin2k '0'
+	option localise_queries '1'
+	option rebind_protection '1'
+	option rebind_localhost '1'
+	option local '/lan/'
+	option domain 'lan'
+	option expandhosts '1'
+	option nonegcache '0'
+	option authoritative '1'
+	option readethers '1'
+	option leasefile '/tmp/dhcp.leases'
+	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
+	option nonwildcard '1'
+	option localservice '1'
+	option ednspacket_max '1232'
+
+config dhcp 'lan'
+	option interface 'lan'
+	option start '100'
+	option limit '150'
+	option leasetime '12h'
+	option dhcpv4 'server'
+	option dhcpv6 'server'
+	option ra 'server'
+	option ra_slaac '1'
+	list ra_flags 'managed-config'
+	list ra_flags 'other-config'
+
+config dhcp 'wan'
+	option interface 'wan'
+	option ignore '1'
+
+config odhcpd 'odhcpd'
+	option maindhcp '0'
+	option leasefile '/tmp/hosts/odhcpd'
+	option leasetrigger '/usr/sbin/odhcpd-update'
+	option loglevel '4'
+
+config 'dhcp' 'wifi'
+	option 'interface' 'wifi'
+	option 'start' '100'
+	option 'limit' '150'
+	option 'leasetime' '12h'
diff --git a/x86/config/firewall b/x86/config/firewall
new file mode 100644
index 0000000..8c936ed
--- /dev/null
+++ b/x86/config/firewall
@@ -0,0 +1,159 @@
+config defaults
+	option syn_flood '1'
+	option input 'ACCEPT'
+	option output 'ACCEPT'
+	option forward 'REJECT'
+
+config zone
+	option name wifi
+	list network 'wifi'
+	option input ACCEPT
+	option output ACCEPT
+	option forward REJECT
+
+config 'forwarding'
+	option 'src' 'wifi'
+	option 'dest' 'wan'
+
+
+config zone
+	option name 'lan'
+	list network 'lan'
+	option input 'ACCEPT'
+	option output 'ACCEPT'
+	option forward 'ACCEPT'
+
+config zone
+	option name 'wan'
+	list network 'wan'
+	list network 'wan6'
+	option input 'REJECT'
+	option output 'ACCEPT'
+	option forward 'REJECT'
+	option masq '1'
+	option mtu_fix '1'
+
+config forwarding
+	option src 'lan'
+	option dest 'wan'
+
+config rule
+	option name 'Allow-DHCP-Renew'
+	option src 'wan'
+	option proto 'udp'
+	option dest_port '68'
+	option target 'ACCEPT'
+	option family 'ipv4'
+
+config rule
+	option name 'Allow-Ping'
+	option src 'wan'
+	option proto 'icmp'
+	option icmp_type 'echo-request'
+	option family 'ipv4'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-IGMP'
+	option src 'wan'
+	option proto 'igmp'
+	option family 'ipv4'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-DHCPv6'
+	option src 'wan'
+	option proto 'udp'
+	option src_ip 'fc00::/6'
+	option dest_ip 'fc00::/6'
+	option dest_port '546'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-MLD'
+	option src 'wan'
+	option proto 'icmp'
+	option src_ip 'fe80::/10'
+	list icmp_type '130/0'
+	list icmp_type '131/0'
+	list icmp_type '132/0'
+	list icmp_type '143/0'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-ICMPv6-Input'
+	option src 'wan'
+	option proto 'icmp'
+	list icmp_type 'echo-request'
+	list icmp_type 'echo-reply'
+	list icmp_type 'destination-unreachable'
+	list icmp_type 'packet-too-big'
+	list icmp_type 'time-exceeded'
+	list icmp_type 'bad-header'
+	list icmp_type 'unknown-header-type'
+	list icmp_type 'router-solicitation'
+	list icmp_type 'neighbour-solicitation'
+	list icmp_type 'router-advertisement'
+	list icmp_type 'neighbour-advertisement'
+	option limit '1000/sec'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-ICMPv6-Forward'
+	option src 'wan'
+	option dest '*'
+	option proto 'icmp'
+	list icmp_type 'echo-request'
+	list icmp_type 'echo-reply'
+	list icmp_type 'destination-unreachable'
+	list icmp_type 'packet-too-big'
+	list icmp_type 'time-exceeded'
+	list icmp_type 'bad-header'
+	list icmp_type 'unknown-header-type'
+	option limit '1000/sec'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-IPSec-ESP'
+	option src 'wan'
+	option dest 'lan'
+	option proto 'esp'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-ISAKMP'
+	option src 'wan'
+	option dest 'lan'
+	option dest_port '500'
+	option proto 'udp'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Support-UDP-Traceroute'
+	option src 'wan'
+	option dest_port '33434:33689'
+	option proto 'udp'
+	option family 'ipv4'
+	option target 'REJECT'
+	option enabled 'false'
+
+config include
+	option path '/etc/firewall.user'
+
+config rule
+	option name 'Allow SSH'
+	option src 'wan'
+	option target 'ACCEPT'
+	option proto 'tcp'
+	option dest_port '22'
+
+config rule
+	option name 'Allow LuCI'
+	option src 'wan'
+	option target 'ACCEPT'
+	option proto 'tcp'
+	option dest_port '80 443'
diff --git a/x86/config/network b/x86/config/network
new file mode 100644
index 0000000..e342f53
--- /dev/null
+++ b/x86/config/network
@@ -0,0 +1,28 @@
+config interface 'loopback'
+	option device 'lo'
+	option proto 'static'
+	option ipaddr '127.0.0.1'
+	option netmask '255.0.0.0'
+
+config globals 'globals'
+	option ula_prefix 'fd72:5afb:a7cf::/48'
+
+config device
+	option name 'br-lan'
+	option type 'bridge'
+	list ports 'eth0'
+
+config interface 'wan'
+	option device 'br-lan'
+	option proto 'static'
+	option netmask '255.255.255.0'
+	option ipaddr '192.168.96.2'
+	option ip6assign '30'
+	option gateway '192.168.96.1'
+	option dns '8.8.8.8'
+	option broadcast '192.168.96.3'
+
+config 'interface' 'wifi'
+	option 'proto' 'static'
+	option 'ipaddr' '192.168.2.1'
+	option 'netmask' '255.255.255.0'
diff --git a/x86/config/wireless b/x86/config/wireless
new file mode 100644
index 0000000..aadcb99
--- /dev/null
+++ b/x86/config/wireless
@@ -0,0 +1,14 @@
+config wifi-device 'radio0'
+	option type 'mac80211'
+	option channel '36'
+	option hwmode '11a'
+	option path 'virtual/mac80211_hwsim/hwsim0'
+	option htmode 'VHT80'
+	option disabled '0'
+
+config wifi-iface 'default_radio0'
+	option device 'radio0'
+	option mode 'ap'
+	option encryption 'none'
+	option network 'wifi'
+	option ssid 'VirtWifi'
diff --git a/x86/uci-defaults/0_default_config b/x86/uci-defaults/0_default_config
new file mode 100644
index 0000000..ff068df
--- /dev/null
+++ b/x86/uci-defaults/0_default_config
@@ -0,0 +1,3 @@
+#!/bin/sh
+opkg install /ipks/*
+ip link set eth0 mtu 1460
diff --git a/x86/uci-defaults/0_network_config b/x86/uci-defaults/0_network_config
deleted file mode 100644
index f2c1e7f..0000000
--- a/x86/uci-defaults/0_network_config
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-opkg install /ipks/*
-
-# The script below should be run after uci for wireless is available.
-while ! (uci show wireless | grep wireless)  ; do sleep 1; echo "wait for wlan" > /dev/kmsg; done
-
-uci -q batch << EOI
-rename network.lan='wan'
-set network.wan.proto='static'
-set network.wan.ipaddr='192.168.96.2'
-set network.wan.netmask='255.255.255.0'
-set network.wan.ip6assign='30'
-set network.wan.gateway='192.168.96.1'
-set network.wan.dns='8.8.8.8'
-set network.wan.broadcast='192.168.96.3'
-commit network
-set wireless.radio0.disabled='0'
-set wireless.default_radio0.network='wan'
-set wireless.default_radio0.ssid='VirtWifi'
-commit wireless
-add firewall rule
-set firewall.@rule[-1].name='Allow SSH'
-set firewall.@rule[-1].src=wan
-set firewall.@rule[-1].target=ACCEPT
-set firewall.@rule[-1].proto=tcp
-set firewall.@rule[-1].dest_port=22
-add firewall rule
-set firewall.@rule[-1].name='Allow LuCI'
-set firewall.@rule[-1].src=wan
-set firewall.@rule[-1].target=ACCEPT
-set firewall.@rule[-1].proto=tcp
-set firewall.@rule[-1].dest_port='80 443'
-commit firewall
-EOI
-/etc/init.d/firewall restart
-