OpenWrt Forum Archive

This is on a WL-500gP, Broadcom wireless NIC, using 8.09.It installed brilliantly.

The topology I'd like

(wireless router upstream) --> wlan0 client - bridged to "wlan" - (firewall) - "internal lan ports"

Basically, have the wifi act as a client, "transparently" bridge one of the ethernet ports ("wlan" in this case) so that devices on that port appear on the upstream network. Then the remaining LAN ports are inside the firewall with the usual NAT, iptables, etc.

I'm actually quite close. The wifi client successfully connects to upstream, gets an IP, etc. Further, NAT is working so the 'internal" ports work properly.

What I can't get working is the "bridge" to the wlan port. I've created a bridge but have no evidence that it's passing traffic, etc.

Based on http://forum.openwrt.org/viewtopic.php?pid=84634#p84634 it should be simple. Either it's a simple problem or it's impossible with this hardware? Who knows.

In any case, here's /etc/config/network

config 'switch' 'eth0'
        option 'vlan0' '1 2 3 4 5*'
        option 'vlan1' '0 5'

config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

config 'interface' 'lan'
        option 'type' 'bridge'
        option 'ifname' 'eth0.0'
        option 'proto' 'static'
        option 'netmask' '255.255.255.0'
        option 'ipaddr' '192.168.2.1'

config 'interface' 'wan'
        option 'type' 'bridge'
        option 'proto' 'dhcp'
        option 'ifname' 'eth0.1'
        option 'hostname' 'xxxx'

and /etc/config/wireless

config 'wifi-device' 'wlan0'
        option 'type' 'mac80211'
        option 'disabled' '0'
        option 'channel' '11'

config 'wifi-iface'
        option 'device' 'wlan0'
        option 'ssid' 'xxxx'
        option 'network' 'wan'
        option 'mode' 'sta'
        option 'encryption' 'wep'
        option 'key' 'xxxxx'

And the bridge seems to exist

root@xxxx:/etc/config# brctl show 
bridge name     bridge id               STP enabled     interfaces
br-lan          8000.001731dc0374       no              eth0.0
br-wan          8000.001731dc0374       no              eth0.1
                                                        wlan0

As I said, in this configuration, the wifi client link is still working and the NAT/routing between "lan" and the wifi is working.

I think I could do this with dhrelay and parprouted, but doing it with a bridge seems simpler (avoid iptables problems, etc)

Thoughts?