OpenWRT Container (ID: 100):

```bash
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype unmanaged \
  --hostname openwrt-0 --tag network --storage local-lvm \
  --cores 2 --memory 128 --swap 0 \
  --rootfs local-lvm:1,size=1G \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

Kali Linux Container (ID: 200):

```bash
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype debian \
  --hostname kali-0 --tag tools --storage local-lvm \
  --cores 2 --memory 2048 --swap 512 \
  --rootfs local-lvm:1,size=16G \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

Alpine Container (ID: 300):

```bash
pct create 300 /var/lib/vz/template/cache/alpine-default-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype alpine \
  --hostname alpine-0 --tag docker --storage local-lvm \
  --cores 2 --memory 1024 --swap 256 \
  --rootfs local-lvm:1,size=8G \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

```bash
pct start 100
```

```bash
pct stop 100
```

```bash
pct destroy 100
```

---

Here's the updated response with the additional information on installing packages via the CLI on OpenWrt:

### Proxmox Container Creation

```bash
opkg install qemu-ga
```

### OpenWRT Firewall Configuration

The network interface and firewall configuration remains the same as before:

#### **Define Network Interfaces**:

Update `/etc/config/network` to reflect `eth1` as the WAN interface:

```bash
config interface 'wan'
    option ifname 'eth1'
    option proto 'dhcp'
```

#### **Update Firewall Settings**:

Append rules to `/etc/config/firewall` to allow SSH and HTTPS access:

```bash
config zone
    option name 'wan'
    list network 'wan'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'

config rule
    option name 'Allow-SSH'
    option src 'wan'
    option proto 'tcp'
    option dest_port '22'
    option target 'ACCEPT'

config rule
    option name 'Allow-HTTPS'
    option src 'wan'
    option proto 'tcp'
    option dest_port '443'
    option target 'ACCEPT'
```

### Installing Packages via CLI

To install packages via the CLI on OpenWrt, you can use the `opkg` package management tool. Here's how to go about it:

1. **Update the Package List**: Before installing any new packages, it's a good practice to update the list of packages to ensure you are installing the latest versions available. You can do this by running:

   ```
   opkg update
   ```

2. **Install a Package**: Once the package list is updated, you can install a package by using the `opkg install` command followed by the package name. For example, if you want to install the QEMU Guest Agent, you would use:

   ```
   opkg install qemu-ga
   ```

3. **Check Dependencies**: `opkg` automatically handles dependencies for the packages you install. If additional packages are required to fulfill dependencies, `opkg` will download and install them as well.

4. **Configure Packages**: Some packages may require configuration after installation. OpenWrt might save configuration files in `/etc/config/`, and you might need to edit these files manually or through a web interface (if you have LuCI installed).

5. **Managing Packages**: Besides installing, you can also remove packages with `opkg remove` and list installed packages with `opkg list-installed`.

6. **Find Available Packages**: To see if a specific package is available in the OpenWrt repository, you can search for it using:

   ```
   opkg list | grep <package_name>
   ```

These steps should help you manage packages on your OpenWrt device from the command line. For more detailed information or troubleshooting, you can refer to the OpenWrt documentation or community forums.
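An added example, not part of the original notes: a small audit of the `/etc/config/firewall` format shown above that lists every port a zone accepts and flags anything beyond the SSH and HTTPS rules this page defines. The `Allow-HTTP` rule and the function names are constructed for illustration.

```shell
# Constructed sample: the page's two WAN rules plus a hypothetical Allow-HTTP rule (drift).
sample_config() {
cat <<'EOF'
config zone
    option name 'wan'
config rule
    option name 'Allow-SSH'
    option src 'wan'
    option proto 'tcp'
    option dest_port '22'
    option target 'ACCEPT'
config rule
    option name 'Allow-HTTPS'
    option src 'wan'
    option proto 'tcp'
    option dest_port '443'
    option target 'ACCEPT'
config rule
    option name 'Allow-HTTP'
    option src 'wan'
    option proto 'tcp'
    option dest_port '80'
    option target 'ACCEPT'
EOF
}

# Print "name port/proto" for every rule that ACCEPTs from zone $2 (default wan).
exposed_ports() {
    awk -v zone="${2:-wan}" -v q="'" '
        function emit() {
            if (rule && opt["src"] == zone && opt["target"] == "ACCEPT")
                print opt["name"], opt["dest_port"] "/" opt["proto"]
            rule = 0; split("", opt)
        }
        { gsub(q, "") }                       # drop UCI quoting
        $1 == "config" { emit(); rule = ($2 == "rule"); next }
        rule && $1 == "option" { opt[$2] = $3 }
        END { emit() }' "$1"
}

# Print exposed rules not in the allowlist $2 ("22/tcp 443/tcp"); status 1 if any.
unexpected_ports() {
    exposed_ports "$1" | awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($2 in ok) { print; bad = 1 }
        END { exit bad + 0 }'
}

cfg=$(mktemp) && sample_config > "$cfg"
unexpected_ports "$cfg" "22/tcp 443/tcp" || echo "WAN exposure differs from policy"; rm -f "$cfg"
```

On the router itself, point `unexpected_ports` at `/etc/config/firewall` after each change to confirm that only the intended ports are reachable from the WAN zone.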
### Applying the Configuration

After updating the configuration files:

- **Restart Network Services**:

  ```bash
  /etc/init.d/network restart
  ```

- **Reload Firewall Settings**:

  ```bash
  /etc/init.d/firewall restart
  ```

This setup reduces the memory and storage footprint of the OpenWRT container while maintaining the necessary network and firewall configurations for SSH and HTTPS access. It also provides guidance on installing and managing packages using the `opkg` tool in OpenWrt.

Remember to test connectivity, functionality, and package installations thoroughly after applying these changes to ensure the reduced resource allocation meets your requirements and the necessary packages are installed correctly.

---

The container creation command you provided is close, but let's make a few adjustments to optimize it for a small footprint Alpine container. Here's the updated command:

```bash
pct create 200 /var/lib/vz/template/cache/alpine-3.17-default_20230502_amd64.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:2,size=1G --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1
```

Changes made:

- Updated the template file name to `alpine-3.17-default_20230502_amd64.tar.xz` to use a specific Alpine version. Replace this with the actual template file name you have downloaded.
- Changed `--ostype` to `alpine` instead of `unmanaged`. This allows Proxmox to apply Alpine-specific configurations.
- Reduced the memory to 128MB (`--memory 128`) to minimize the footprint. Adjust this value based on your requirements.
- Removed the extra `\\` characters, as they are not needed in this command.

After creating the container, you can configure the network interfaces and firewall rules similar to the OpenWRT example:

1. Update `/etc/network/interfaces` to configure `eth1` as the WAN interface:

   ```
   auto eth1
   iface eth1 inet dhcp
   ```

2. Configure the firewall rules in `/etc/iptables.rules` to allow SSH and HTTPS access:

   ```
   *filter
   :INPUT ACCEPT [0:0]
   :FORWARD ACCEPT [0:0]
   :OUTPUT ACCEPT [0:0]
   # Accept replies to connections the container itself opened (apk, DNS);
   # without this rule the eth1 REJECT below also drops that return traffic.
   -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
   -A INPUT -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
   -A INPUT -i eth1 -p tcp -m tcp --dport 443 -j ACCEPT
   -A INPUT -i eth1 -j REJECT --reject-with icmp-port-unreachable
   COMMIT
   ```

3. Apply the network configuration and firewall rules:

   ```bash
   service networking restart
   iptables-restore < /etc/iptables.rules
   ```

4. Install and configure any additional packages you need using Alpine's package manager, `apk`. For example, to install the QEMU Guest Agent:

   ```bash
   apk update
   apk add qemu-guest-agent
   ```

Remember to thoroughly test the container's functionality and security after applying these configurations to ensure it meets your requirements.

---

To create a right-sized Kali Linux container for typical use, you can use the following command:

```bash
pct create 300 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype debian \
  --hostname kali-0 --storage local-lvm \
  --memory 1024 --swap 512 \
  --rootfs local-lvm:2,size=8G \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

Explanation of the command:

- `pct create 300`: Creates a new container with ID 300.
- `/var/lib/vz/template/cache/kali-default-rootfs.tar.xz`: Specifies the path to the Kali Linux template file.
- `--unprivileged 1`: Creates an unprivileged container, so root inside the container is mapped to an unprivileged user on the host.
- `--arch amd64`: Sets the container architecture to 64-bit.
- `--ostype debian`: Sets the OS type to Debian, as Kali Linux is based on Debian.
- `--hostname kali-0`: Sets the container's hostname to "kali-0".
- `--storage local-lvm`: Uses the local LVM storage for the container.
- `--memory 1024`: Allocates 1GB of memory to the container.
- `--swap 512`: Allocates 512MB of swap space to the container.
- `--rootfs local-lvm:2,size=8G`: Creates an 8GB root filesystem for the container on the local LVM storage.
- `--net0 name=eth0,bridge=vmbr0,firewall=1`: Configures the first network interface (eth0) to use the vmbr0 bridge and enables the firewall.
- `--net1 name=eth1,bridge=vmbr1,firewall=1`: Configures the second network interface (eth1) to use the vmbr1 bridge and enables the firewall.

After creating the container, you can configure the network interfaces and firewall rules as needed. For example, you can update `/etc/network/interfaces` to configure `eth1` as the WAN interface:

```
auto eth1
iface eth1 inet dhcp
```

You can also configure firewall rules using `iptables` or by modifying the `/etc/pve/firewall/300.fw` file to allow incoming traffic on specific ports or services.

Remember to update and upgrade the Kali Linux packages inside the container and install any additional tools you require for your typical use case.

Note: The resource allocation (memory, swap, and disk size) provided in this example is a general recommendation. You may need to adjust these values based on your specific requirements and the tasks you intend to perform with the Kali Linux container.
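Added example (not from the original notes): Proxmox VE enforces a container's rules only when the firewall is enabled at the datacenter level, in the container's own `[OPTIONS]`, and with `firewall=1` on the interface, so the check below reports which of those is missing. The sample file contents and function names are constructed; the paths assumed are `/etc/pve/firewall/cluster.fw`, `/etc/pve/firewall/300.fw` and `/etc/pve/lxc/300.conf`.

```shell
# Constructed sample files for container 300 (contents are illustrative only).
make_sample() {
    printf '[OPTIONS]\nenable: 1\n' > "$1/cluster.fw"
    printf '[OPTIONS]\npolicy_in: DROP\n\n[RULES]\nIN SSH(ACCEPT) -i net1\n' > "$1/300.fw"
    printf 'hostname: kali-0\nnet0: name=eth0,bridge=vmbr0,firewall=1\nnet1: name=eth1,bridge=vmbr1\n' \
        > "$1/300.conf"
}

# Succeeds when the [OPTIONS] section of a .fw file contains "enable: 1".
fw_enabled() {
    [ -r "$1" ] && awk '
        /^\[/ { in_opts = (toupper($0) ~ /^\[OPTIONS\]/); next }
        in_opts && $1 == "enable:" && $2 == "1" { found = 1 }
        END { exit !found }' "$1"
}

# Print one line per reason the container's rules would not be enforced.
# $1 = cluster.fw, $2 = <vmid>.fw, $3 = <vmid>.conf
ct_firewall_gaps() {
    fw_enabled "$1" || echo "datacenter firewall disabled"
    fw_enabled "$2" || echo "container firewall disabled"
    # Every netN line must carry firewall=1 for its traffic to be filtered.
    awk -F': ' '/^net[0-9]+:/ && $2 !~ /(^|,)firewall=1(,|$)/ {
        print $1 " lacks firewall=1" }' "$3"
}

tmp=$(mktemp -d) && make_sample "$tmp"
ct_firewall_gaps "$tmp/cluster.fw" "$tmp/300.fw" "$tmp/300.conf"; rm -rf "$tmp"
```

In the constructed sample the SSH rule exists but would not be applied: the container-level `enable: 1` is absent and `net1` has no `firewall=1`.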
---

Here are the adjusted container creation commands with scaled-down resources:

OpenWRT Container (ID: 100):

```bash
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype unmanaged \
  --hostname openwrt-0 --tag network --storage local-lvm \
  --memory 128 --swap 0 \
  --rootfs local-lvm:1,size=1G \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

Kali Linux Container (ID: 200):

```bash
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype debian \
  --hostname kali-0 --tag tools --storage local-lvm \
  --memory 2048 --swap 512 \
  --rootfs local-lvm:1,size=16G \
  --net0 name=eth0,bridge=vmbr0,firewall=1 \
  --net1 name=eth1,bridge=vmbr1,firewall=1
```

Alpine Container (ID: 300):

```bash
pct create 300 /var/lib/vz/template/cache/alpine-default-rootfs.tar.xz \
  --unprivileged 1 --arch amd64 --ostype alpine \
  --hostname alpine-0 --tag docker --storage local-lvm \
  --memory 1024 --swap 256 \
  --rootfs local-lvm:1,size=8G \
  --net0 bridge=vmbr1,name=eth0,ip=dhcp,ip6=dhcp,type=veth,firewall=1
```

```bash
pct stop 300
```

```bash
pct destroy 300
```

Changes:

- Reduced memory to 512MB
- Reduced swap to 256MB
- Reduced rootfs size to 4GB

Changes:

- Reduced memory to 64MB
- Reduced rootfs size to 512MB

Please note that these resource adjustments are based on general recommendations for minimal resource usage. Depending on your specific use case and the applications you plan to run inside the containers, you might need to fine-tune these values further.

Remember to monitor the performance and resource utilization of your containers after creating them with these scaled-down resources. If you encounter any issues or need more resources, you can always adjust the values accordingly using the `pct resize` command.