There is no need to do that. Keep the default /24 for future expansion.
Why is there mtu 1472 everywhere?
No need to use broadcast in any interface.
You are supposed to fill in a different dns server there, not itself.
Same here, and in the interfaces hosts, wireless, wlessguests.
I wouldn't use this long name for local and domain.
gateway, dns, netmask are not needed. I would not give infinite leasetime, maybe 12h max. The same applies to the other dhcp pools too.
You may want to change that to reject.
They are all wrong. By default the input for the wan zone is reject, so you don't need to add more rules to reject. Other than that, you'll never get something from IP 0.0.0.0, since it is reserved, and matching on source port means that a server is trying to send you traffic, which also doesn't happen.
DNAT is taking place before the blocking of the DNS, so it is not needed.
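As an added illustration (this is not the original poster's config and not part of the reply above), here is how the DHCP pools and the wan zone look in UCI once those points are applied. The section names 'lan' and 'guest', the start/limit ranges and the mapping of 'guest' to the wlessguests interface are assumptions made for the example; the point is what is absent: no gateway/dns/netmask options in the pools, a finite leasetime, and no extra reject rules on wan because the zone's own input policy already covers it.

```uci
# /etc/config/dhcp  (constructed example)
config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	# no gateway/dns/netmask: dnsmasq advertises the interface's own
	# address and netmask to clients by default

config dhcp 'guest'
	option interface 'wlessguests'   # assumed interface name from the thread
	option start '100'
	option limit '50'
	option leasetime '12h'

# /etc/config/firewall  (constructed example)
config zone
	option name 'wan'
	list network 'wan'
	option input 'REJECT'     # unsolicited inbound traffic is rejected here,
	option output 'ACCEPT'    # so no separate "reject from 0.0.0.0" or
	option forward 'REJECT'   # source-port rules are needed
	option masq '1'
	option mtu_fix '1'
```

If you want to verify the effective policy on the box instead of trusting the file, `uci show firewall | grep -i input` lists the per-zone input policies, and `fw4 print` (or `fw3 print` on older releases) shows the generated ruleset so you can confirm the wan chain ends in reject without any of the hand-written rules.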