Need help with multiple VLANs, firewall and dnsmasq

[Bolt]

I'm trying to configure multiple VLANs and SSIDs on an RT-68U.

I have created 3 guest wifi interfaces via web interface.

Via services-start script I accomplish:


robocfg to get my ports onto seperate VLANs
vconfig to give VLANs access to WAN
ifconfig to activate VLANs
brctl to add br's, add interfaces to br's
ifconfig to assign subnets to br's and wl0.x's <--here I'm a little confused, do I need to assign subnets to both brx and wl0.x?
ifconfig to activate br's
nvram set vlanxports="n 5*", vlanxhwname="et0", lanx_ifnames="vlanx, wl0.x", and lanx_ifname="brx"
kill and restart eapd


So, I think I have the "physical" layout complete. It survives reboot, etc.

In dnsmasq.postconf I have:

#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh
pc_append "
log-dhcp
interface=wl0.x
dhcp-range=wl0.x,192.168.x.aaa,192.168.x.bbb,255.255.255.0,86400s
dhcp-option=wl0.x,3,192.168.x.1
dhcp-option=wl0.x,6,8.8.8.8,8.8.4.4
## REPEAT FOR OTHER INTERFACES
" /tmp/etc/dnsmasq.conf

I am some what lost in the firewall-start script and if i'm on the right track with dnsmasq.postconf


I am trying to get:

VLAN1, port1 eth1 and eth2 to have a subnet 192.168.1.x with a DHCP range
VLAN3 port 3 wl0.2 to have a subnet 192.168.3.x, with a DHCP range
VLAN4 port 4 wl0.3 to have a subnet 192.168.4.x, with a DHCP range

I would like VLAN1 and VLAN3 to route between each other
I would like VLAN3 and VLAN4 to route between each other

Can someone help me out with the iptables and dnsmasq?

 

[Bolt]

Can anybody help me?