@AjkayAlan
Last active March 27, 2024 13:28
Setup OpenWrt Snapshots on my x86 machine
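# This assumes you're already running OpenWrt
# Follow https://teklager.se/en/knowledge-base/openwrt-installation-instructions/ to get OpenWrt initially installed on an SSD if you haven't
# My device expects LAN on eth0, and WAN on eth1
# Sign into the router
ssh root@192.168.1.1
# Set vars: a pinned release image and the checksum list published next to it
DOWNLOAD_LINK="https://downloads.openwrt.org/releases/23.05.3/targets/x86/64/openwrt-23.05.3-x86-64-generic-squashfs-combined-efi.img.gz"
SHA256SUMS="https://downloads.openwrt.org/releases/23.05.3/targets/x86/64/sha256sums"
# Image file name taken from the URL, so exactly this file is checked and flashed
# (a /tmp/*.img.gz glob would also pick up any other image left in /tmp)
IMAGE_FILE="${DOWNLOAD_LINK##*/}"
# Download the image and the checksum list
cd /tmp
wget "$DOWNLOAD_LINK"
wget "$SHA256SUMS"
# Verify before flashing. Printing "OK" is not enough: the flash must only run
# when the hash of the downloaded image equals the published one.
# The list covers every file of the target, so only the image's line is used.
# An empty or multi-line match never equals the computed hash, so it fails safe.
# Note: the list comes from the same server as the image, so this detects a
# corrupted download, not a tampered mirror. OpenWrt also publishes signatures
# for the list (sha256sums.asc / sha256sums.sig) if authenticity matters.
expected_sum="$(grep -F -- "$IMAGE_FILE" /tmp/sha256sums | cut -d' ' -f1)"
actual_sum="$(sha256sum "/tmp/$IMAGE_FILE" | cut -d' ' -f1)"
if [ -n "$expected_sum" ] && [ "$expected_sum" = "$actual_sum" ]; then
  # -n flashes without keeping the current configuration
  sysupgrade -n "/tmp/$IMAGE_FILE"
else
  echo "Checksum check failed for $IMAGE_FILE - not flashing" >&2
fi
# Log back in after reboot and set the root password straight away:
# the settings were not kept, so the router comes up with its defaults
ssh root@192.168.1.1
passwd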
# Refresh the package lists, then install LuCI, the monitoring tools and the
# LuCI apps one package at a time (same order as before)
opkg update
for pkg in \
  luci \
  netdata \
  htop \
  nano \
  irqbalance \
  luci-app-upnp \
  luci-app-sqm \
  luci-app-nlbwmon \
  luci-app-vnstat \
  luci-app-statistics \
  collectd-mod-thermal
do
  opkg install $pkg
done
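# Configure
## Only allow SSH from LAN
# The arguments are quoted so the shell never treats [0] as a glob pattern.
# Interface='lan' is what restricts the SSH listener to the LAN.
# NOTE(review): deleting RootPasswordAuth only removes the explicit option and
# leaves dropbear on its package default, which presumably still permits root
# password logins - confirm, and prefer key-based login if that is not intended.
uci del 'dropbear.@dropbear[0].RootPasswordAuth'
uci set 'dropbear.@dropbear[0].Interface=lan'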
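## Use my own DNS server
# Drop the listed dnsmasq options and forward queries to 192.168.1.10.
# The uci paths are quoted so the shell never treats [0] as a glob pattern.
for opt in nonwildcard boguspriv filterwin2k filter_aaaa filter_a nonegcache; do
  uci del "dhcp.@dnsmasq[0].$opt"
done
uci add_list 'dhcp.@dnsmasq[0].server=192.168.1.10'
## Don't use ISP DNS
# peerdns='0' on wan and wan6 stops the ISP-announced resolvers from being used
uci add_list dhcp.wan.ra_flags='none'
uci set network.wan.peerdns='0'
uci set network.wan6.reqaddress='try'
uci set network.wan6.reqprefix='auto'
uci set network.wan6.peerdns='0'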
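## Redirect hardcoded DNS to my own DNS server
## Kudos to https://jeff.vtkellers.com/posts/technology/force-all-dns-queries-through-pihole-with-openwrt/
# Every argument is single-quoted: [-1] would otherwise be a glob pattern, and
# the leading ! in the src_ip value must reach uci literally.
# Rule 1 (DNAT): port-53 traffic from lan, from any host except 192.168.1.10
# itself, is sent to 192.168.1.10:53.
# Caveat: this only covers plain DNS on port 53. Clients using DNS over TLS
# (853) or DNS over HTTPS (443) are not affected by this rule.
uci add firewall redirect
uci set 'firewall.@redirect[-1].target=DNAT'
uci set 'firewall.@redirect[-1].name=Redirect DNS'
uci set 'firewall.@redirect[-1].src=lan'
uci set 'firewall.@redirect[-1].src_ip=!192.168.1.10'
uci set 'firewall.@redirect[-1].src_dport=53'
uci set 'firewall.@redirect[-1].dest=lan'
uci set 'firewall.@redirect[-1].dest_ip=192.168.1.10'
uci set 'firewall.@redirect[-1].dest_port=53'
# Rule 2 (MASQUERADE): tcp/udp traffic from lan to 192.168.1.10:53 is
# masqueraded - presumably so replies to redirected queries come back through
# the router instead of directly from the DNS server; see the linked post.
uci add firewall nat
uci add_list 'firewall.@nat[-1].proto=tcp'
uci add_list 'firewall.@nat[-1].proto=udp'
uci set 'firewall.@nat[-1].src=lan'
uci set 'firewall.@nat[-1].dest_ip=192.168.1.10'
uci set 'firewall.@nat[-1].dest_port=53'
uci set 'firewall.@nat[-1].target=MASQUERADE'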
## Setup UPNP
# Remove the explicit UPnP options, then switch the service on.
# NOTE(review): with secure_mode deleted the daemon falls back to its package
# default - confirm that default still limits clients to mapping ports to
# their own address, since UPnP lets LAN hosts open inbound ports.
for upnp_opt in enable_upnp enable_natpmp secure_mode log_output; do
  uci del upnpd.config.$upnp_opt
done
uci set upnpd.config.enabled='1'
# Setup SQM
# Clear the advanced/ECN/target options on the eth1 queue, then enable it with
# the download/upload rates and the layer_cake script.
for sqm_opt in qdisc_advanced ingress_ecn egress_ecn qdisc_really_really_advanced itarget etarget; do
  uci del sqm.eth1.$sqm_opt
done
uci set sqm.eth1.enabled='1'
uci set sqm.eth1.download='955000'
uci set sqm.eth1.upload='19000'
uci set sqm.eth1.debug_logging='0'
uci set sqm.eth1.verbosity='5'
uci set sqm.eth1.script='layer_cake.qos'
# NOTE(review): this restart runs before the `uci commit` further down;
# confirm sqm picks up the staged values here, or restart it again afterwards.
sqm_init=/etc/init.d/sqm
$sqm_init enable
$sqm_init restart
## Enable IRQ Balance
# Flip "option enabled '0'" to '1' directly in the config file, then start it
irqbalance_cfg=/etc/config/irqbalance
sed -i -e "s/option enabled '0'/option enabled '1'/g" $irqbalance_cfg
/etc/init.d/irqbalance start
## Apply changes and reload
# Write all staged uci changes to /etc/config, then reload the configuration
uci commit
reload_config