Untitled

Hi all,

I have 1 requirement which is to seperate my IoT devices from my personal devices. So I am fine with vlan1 and then LAN subnet but want to bind the first Guest WLAN (wl0.1) to a seperate bridge and vlan (for tagging on wired ports).

vlan1 - personal stuff
vlan9 - IoT devices

Some devices need to communicate between vlan1 & vlan9 so besides outside NAT I will also need some extra iptables. My problem now is... I cannot even connect after my changes.

So any suggestions on why I cannot connect? And steps further with help on iptables would be appreciated:

This is my /jffs/config/dnsmasq.conf:
[CODE]
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=wl0.1
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=home.zwarts.ws
expand-hosts
bogus-priv
domain-needed
local=/guest.domain.com/
dhcp-range=wl0.1,192.168.254.10,192.168.254.220,255.255.255.0,900s
dhcp-option=wl0.1,3,192.168.254.1
dhcp-option=wl0.1,6,192.168.254.1,0.0.0.0
dhcp-option=wl0.1,15,guest.domain.com
dhcp-authoritative
addn-hosts=/etc/hosts.dnsmasq
stop-dns-rebind
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
[/CODE]

And this one in services-start
[CODE]
#!/bin/ash
PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
rm /tmp/000services-start

#robocfg vlan 1 ports "0t 1 5t"
robocfg vlan 9 ports "0t 5t 7t"

vconfig add eth0 9
ifconfig vlan9 up

ifconfig br1 down
brctl delbr br1
brctl addbr br1

brctl delif br0 wl0.1
brctl delif br0 wl1.1

brctl addif br1 wl0.1
brctl addif br1 wl1.1
brctl addif br1 vlan9


ifconfig br1 192.168.254.1 netmask 255.255.255.0
ifconfig br1 up


nvram set lan1_ifnames="vlan9 wl0.1 wl1.1"
nvram set lan1_ifname="br1"

nvram commit

killall eapd
eapd

touch /tmp/000services-start
[/CODE]