Hi !
I want to connect my Wrt54g to 2 different nets
my first try was connecting 2nd net to WAN interface.
but this interface is NAT'ed so my partner in ther other net cannot connect to my other nets. behind linux PC which is connected to the WRT54G

                        192.168.63.x
                  wired LAN    WAN
10.11.12.0/24<= Linux PC => WRT => WLbridge10.49.199.x
                  | WiFi
               local clients & WDS to my neighbour
to connect to PC's from 10.11.12.x to 10.49.199.x is no problem because WAN is NAT'ed, but back it does not work. gateway in 10.49.199.x has set route to
10.11.12.x with 10.49.199.1 as gateway (IP if WAN interface on WRT) So i think my problem is the NAT on WAN interface.
pinging 10.11.12.x from WRT is working => so my routing should be ok
BTW: Is WDS working with openwrt (it'S planned with my neighbour)

Ciao Gerd

Here is a very interesting config for your case... It is very popular where i come from...

It creats different Vlans for all ethernet ports and provided you disable NAT and Firewalling from the etc/init.d/S45firewall file you get free trafic through all 5 ethernet ports... When you are finished with routing... then you can consentrate on the Firewalling...

create a net config file like this
vi /etc/init.d/S41-network
then give execution permissions
chmod +x /etc/init.d/S41-network

And try those....

This is for /etc/init.d/S41-network:

#!/bin/sh
ifconfig br0 down #disables default bridge br0
brctl delbr br0     #deletes default bridge br0
# 
insmod adm.o    #loads admcfg module
# 
admcfg port0 PVID:1 vlan1   #sets port0 (internet) #for several reasons it is better to leave that as vlan1.
admcfg port1 PVID:0 vlan0   #sets port1 as vlan0
admcfg port2 PVID:2 vlan2   #sets port2 as vlan2
admcfg port3 PVID:3 vlan3   #sets port3 as vlan3
admcfg port4 PVID:4 vlan4   #sets port4 as vlan4
# 
vconfig add eth0 0  #creates vlans
vconfig add eth0 1
vconfig add eth0 2
vconfig add eth0 3
vconfig add eth0 4
# 
#assign ip addresses
ifconfig vlan1 10.2.13.105 netmask 255.255.255.248 broadcast 10.2.13.111 up #iport labeled internet
ifconfig vlan0 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255 up #port labeled port1
ifconfig vlan2 10.2.13.150 netmask 255.255.255.248 broadcast 10.2.13.151 up #port labeled port2
ifconfig vlan3 10.2.13.100 netmask 255.255.255.248 broadcast 10.2.13.103 up #port labeled port3
ifconfig vlan4 10.2.13.137 netmask 255.255.255.248  broadcast 10.2.13.143 up #port labeled port4
# 
ifconfig eth1 10.2.13.115 netmask 255.255.255.248 broadcast 10.2.13.119 up #disables wireless port
#
#route delete -net default #deletes default gateway route that might have been entered by nvram through S40network
#route add -net default gw 10.2.13.65 #adds default route
#

And this is for etc/init.d/S45firewall comment out IPTABLES for starters

# $IPT -t filter -A INPUT -m state --state INVALID -j DROP 
# $IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
# $IPT -t filter -A INPUT -p icmp -j ACCEPT 
# $IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset 
# $IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable 
# $IPT -t filter -A FORWARD -m state --state INVALID -j DROP 
# $IPT -t filter -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT 
# $IPT -t filter -A FORWARD -i $WAN -m state --state NEW,INVALID -j DROP 
# $IPT -t filter -A FORWARD -o $WAN -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 

# $IPT -t nat -A POSTROUTING -o $WAN -j MASQUERADE

You will also need the following packets
1. admcfg to control your ethernet ports...

Config above IPs as you want....

Why isn't that done in S40network ? Or loading adm module on boot time ?

:-) really disable ?
BTW: I'm realy confused about the hardware of my WRT54G. WLAN seems to be eth2 (V1.1) but how i include WLAN into the range of an ethernet port?
e.g. LAN port 1 & wireless is 10.11.12.0/24 ?

Ciao Gerd

Sorry about the wrong coment but i forgot to change the comment... this is an extract out of a tutorial or better a guide that has been created for the AWMN(Athens Wireless Metropolitan Network) which discribes in simple words (but in Greek) how to create a zebra-bgp-osfp wireless enabled router out of a cheap wrt... On that guide the eth1 which on V2 is the wireless IF was originaly down and not UP as i have changed that and it does not reflect the coments...oops

as far as the rest goes you have to understand the stracture of this device... and i mean you realy have to!
I know that on V1.1 the wireless IF is eth2 but forgive me i do not have a diagram of the IF nameings on V1.1 in front of me...
On V2 you have
eth0 which is your lan to the 5 eth ports to the back
eth1 is the wireless IF
and Vlan1 is the Internet port
Lo is internal

and if you do a ifconfig on the cli you will see br0 which in fact on V2 with default setting is eth0+eth1 bridged
do you start to get my point?? hint Vlan1

in fact WRT has a 6port managable switch which you can manipulate any way you want through eth0 and with admcfg.. 1 port is reserved 4 are your lan ports and 1 is the INET port

Apply Vlans on those 5 ports on the back and presto you have a router routing 5 different lans (maybe wireless links with cheap dlink 900+s) and one wireless lan = 5 maybe wireless links with one lan port for lan connection to your servers pcs etc. At a routing speed (trust me this is out of specs) higher than a 1700 series cisco. add a bit of nat and Iptables and there you go you have firewall as well!
add bgp and osfp and you get a multirouting cost and hops calculating wireless router and firewall

Got me now? and what did you pay?? 70 or 80 euros

Trust me this is working in a box 24/7 on my roof top in a waterproof box for a month now... This is a methode and discovery which is not mine but it now works on over 50 wireless nodes in athens! we can't be that wrong about this yeaaa???

of course i trust you... :-)
i did it like you wrote, but i still have in routing an interface which is named br0 and ip address is 192.168.1.1/24 but also my configured vlans with the other IP's )
192.168.1.1 * 255.255.255.0 vlan4
192.168.1.1 * 255.255.255.0 br0
(with deleting Nvram varibale values i got at least rid of the 2 default gateways
for WAN and LAN which i don't need at the moment)
so i took out S41-network and i have a setup which would help me at least to start up:
10.49.199.1 * 255.255.255.0 vlan1
10.11.12.0 192.168.1.2 255.255.255.0 br0
192.168.1.1 * 255.255.255.0 br0

but pinging ip address behind wan interface (e.g. my bridge 10.49.199.3) fails (i also deleted SXXfirewall)
another questing is dmesg: tells my in the first sector of the boot sequence
"firewalling registered" is there a kind of and hardware firewall ?
also there are a lot of nvram variables which confusing me:
like e.g. lan_ifname lan_ifnames which one is used by openwrt ?

Ciao Gerd