A rather cute configuration is to use a firewall in transparent bridging mode. The nice thing here is that you don't need to change any config on all the machines in the network. It's even more appropriate if the firewall is mainly doing QOS as well.
Any ideas on how to set up the WRT54GS to have the WAN and LAN bridged like this? I have this setup working fine on my big Linux machine with two real net cards; however, I am having a number of problems making it work on the WRT.
The closest that I have got so far (and it nearly works ok) is to set up three VLANs:
vlan0 = lan (ports 1,2)
vlan1 = WAN (port 0)
vlan2 = DMZ
Then set up the bridge on the LAN:
lan_ifnames=vlan0 vlan1 eth1
lan_ifname=br0
wan_ifname=vlan1
vlan2 is routed to a separate subnet right now because I can't make any other config work...
However, this does actually bridge between the LAN and WAN, but ONLY if I give the WAN an IP address and subnet... The whole point really is that you don't want to do this. So, basically the working config seems to be to have LAN and WAN with the same IP range and subnet. However, I haven't yet tested whether I can actually use netfilter to limit packets with this config either (and also apply QOS).
Also, in this configuration name resolution seems to be broken. Can anyone describe how the WRT does name resolution? Seems to me that /etc/resolve.conf is always correct, but it works or doesn't depending on how I define lan_dns and wan_dns...? Why is this?
Grateful for any help making this work.
Complete dump of relevant variables is below:
lan_dns=192.168.105.254
lan_gateway=192.168.105.254
lan_ifname=br0
lan_ifnames=vlan0 vlan1 eth1
lan_ipaddr=192.168.105.10
lan_netmask=255.255.255.0
lan_proto=static
vlan0hwname=et0
vlan0ports=1 2 5*
vlan1hwname=et0
vlan1ports=0 5
vlan2hwname=et0
vlan2ports=3 4 5
wan_dns=192.168.105.254
wan_gateway=192.168.105.254
wan_ifname=vlan1
wan_ipaddr=192.168.105.250
wan_netmask=255.255.255.0
wan_proto=static
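
An added example, not part of the original post: a small offline audit of a variable dump like the one above, reporting when the WAN interface is also a bridge member, when the LAN and WAN addresses fall in overlapping subnets, and when a physical switch port is listed in more than one VLAN. The function names and finding codes are hypothetical; it assumes port 5 is the switch's CPU-facing port and treats a trailing `*` on a port as a marker to strip.

```python
import ipaddress

# Constructed sample: a subset of the variable dump quoted in the post.
DUMP = """\
lan_ifname=br0
lan_ifnames=vlan0 vlan1 eth1
lan_ipaddr=192.168.105.10
lan_netmask=255.255.255.0
vlan0ports=1 2 5*
vlan1ports=0 5
vlan2ports=3 4 5
wan_ifname=vlan1
wan_ipaddr=192.168.105.250
wan_netmask=255.255.255.0
"""
CPU_PORT = "5"  # assumption: port 5 is the switch's CPU-facing port

def parse(dump):
    """Turn key=value lines into a dict; skip blank or malformed lines."""
    cfg = {}
    for line in dump.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key:
            cfg[key] = value
    return cfg

def network(cfg, side):
    """IPv4 network of <side>_ipaddr/<side>_netmask, or None if unset."""
    ip, mask = cfg.get(side + "_ipaddr"), cfg.get(side + "_netmask")
    return ipaddress.ip_interface(f"{ip}/{mask}").network if ip and mask else None

def audit(cfg):
    """Return (code, detail) findings about bridge, addressing and VLAN ports."""
    findings = []
    wan = cfg.get("wan_ifname", "")
    if wan and wan in cfg.get("lan_ifnames", "").split():
        findings.append(("wan-in-bridge", wan))
    lan_net, wan_net = network(cfg, "lan"), network(cfg, "wan")
    if lan_net and wan_net and lan_net.overlaps(wan_net):
        findings.append(("subnet-overlap", f"{lan_net} {wan_net}"))
    owners = {}  # physical port -> VLANs that list it
    for key, value in cfg.items():
        if key.startswith("vlan") and key.endswith("ports"):
            for port in value.split():
                owners.setdefault(port.rstrip("*"), []).append(key[:-5])
    for port, vlans in sorted(owners.items()):
        if port != CPU_PORT and len(vlans) > 1:
            findings.append(("port-in-multiple-vlans", f"{port} {' '.join(vlans)}"))
    return findings

if __name__ == "__main__":
    for code, detail in audit(parse(DUMP)):
        print(code, detail)
```

Run against the dump above, it reports `wan-in-bridge` for vlan1 and `subnet-overlap` for 192.168.105.0/24, matching the state the post describes.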