Ok... for more clarity, I'd recommend totaling up all your networks and using that as the number of VLANs. The reason I say it this way is that the number of VLANs on a port will be port dependent, and it gets confusing when you talking about just one VLAN (I interpret this as "no additional networks").
The 802.1q standard allows for:
zero or one untagged network
zero, one, or many tagged networks
A port/cable that carries more than a single network is called a trunk. A port that is used for 'normal'/non-vlan aware devices is known as an access port and will contain a single network, untagged + PVID. It is also possible to have just a single network tagged on a port (and nothing untagged), but I don't know if there is a special name for it (it is neither an access port nor a trunk; this is less common, though).
In your case, I would say that you have 2 VLANs. VLAN 1 + VLAN 667. Regardless of where it is tagged/untagged, I would always say that this is 2 VLANs.
Ok... so what you want is this:
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd34:9995:715a::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'wan'
config bridge-vlan
option device 'br-lan'
option vlan '1'
list ports 'lan1:u*'
list ports 'lan3:u*'
list ports 'wan:t'
config bridge-vlan
option device 'br-lan'
option vlan '667'
list ports 'lan2:u*'
list ports 'wan:t'
config interface 'lan'
option proto 'dhcp'
option device 'br-lan.1'
config interface 'vlan667'
option proto 'none'
option device 'br-lan.667'
Thanks you are the best. I can not understand how greatful I am that this is working. I am been working on this for 2 days now.
How those wondering, I did use the GUI instead of just editing files as the GUI has much cleaner rollbacks. Here are some screenshots for those wondering how to recreate this.