Hi!
I currently try to use my pi as a Wi-Fi router that bridges traffic to the LAN port but has its own subnet for the Wi-Fi with DHCP turned on. After installing OpenWrt and following some instructions from the wiki, I managed to bridge the LAN to Wi-Fi using this config:
/etc/config/network:
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd66:dfac:efcc::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config interface 'lan'
option device 'br-lan'
option proto 'dhcp'
option ip6assign '60'
/etc/config/wireless:
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/soc/3f300000.mmcnr/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
option channel '1'
option band '2g'
option htmode 'HT20'
option cell_density '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'wifi'
option encryption 'psk2'
option key 'password'
Everything else from the config should be pretty much unchanged.
So what's the problem?
The LAN port the pi is connected to is provided by the operator of the accommodation, and I do not really know what it is. If I plug my laptop in directly, it assigns a public (yes, public) IP address to me via DHCP and I can use it. When starting a server on the laptop, it is directly reachable from the internet.
So after building my bridging solution with the pi, I now get a public IP for all devices that connect to the Wi-Fi. And I don't seem to have a firewall working (I cannot check as the PI has to use DHCP as the assigned IP really changes, and sometimes it is like 84.... and the next time I get something completely different. This was proofed using direct plugging with the laptop).
What do I have to change to get a private Wi-Fi network, as a stock router would set it up (with private IP range and DHCP server)? I simply want the pi to connect to the LAN as a DHCP Client, and then forward the traffic (though a firewall) to the private Wi-Fi network.