http://www.cromwell-intl.com/tcpip/routing.html - mais simples, impossível!

http://www.networksorcery.com/enp/protocol/icmp/msg3.htm

http://www.linuxplanet.com/linuxplanet/tutorials/6524/1

http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap…

http://wiki.openwrt.org/doc/howto/packet.scheduler/packet.scheduler

http://www.linuxhorizon.ro/iproute2.html
http://www.policyrouting.org/PolicyRoutingBook/ONLINE/CH03.web.html
http://linux-ip.net/html/routing-tables.html

http://blog.matws.net/post/2010/10/16/Correct-magic-mouse-scrolling-on-…

ip route add 10.0.70.0/24 dev br-lan_vpn table vpn
ip rule add from 10.0.70.0/24 table vpn
ip route add default dev tun0 table vpn
ip route flush cache

pacotes a instalar:
openvpn
luci-app-openvpn
iptables-mod-ipopt (para poder marcar os pacotes no iptables - se calhar não é necesário)

net.ipv4.icmp_errors_use_inbound_ifaddr=1 - em /etc/sysctl.conf,

cortar o acesso da wlan à lan e à wan

iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j DROP
iptables -I FORWARD -i br1 -o `get_wanface` -j DROP

iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr`

ip route add 192.168.70.0/24 dev br1 table 200
ip route add default via 10.0.11.5 dev tun1 table 200
ip rule add from 192.168.70.140 table 200
ip route flush cache

http://www.dd-wrt.com/wiki/index.php/Configuration_HOWTOs

http://www.dd-wrt.com/wiki/index.php/Switched_Ports

http://www.dd-wrt.com/wiki/index.php/Separate_LAN_and_WLAN

http://www.youtube.com/watch?v=Ud-Hq3kgvk4