forum post ---> https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320028

This is using 'dd-wrt.v24-33555_NEWD-2_K3.x_mega.bin'
an old but very good build for this router.

### E2500 used as Main (gateway) router ###

## set in CLI for port 4 (next to WAN) to be in VLAN ...ALSO SET in GUI ##
nvram set vlan4ports="3 5"
nvram set vlan1ports="0 1 2 5*"
nvram set vlan2ports="4 5"
nvram commit
reboot


## firewall in GUI:
iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp -m multiport --dports 53,67 -j ACCEPT
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
# ignore the last two lines of firewall in the 'E2500-Diagnostics.pdf' ...that is for the br1 network to be able 
to access local devices (webservers) on my network.


#####
# E2500 WITH THIS CONFIG --
root@E2500:~# nvram show | grep vlan.*ports
size: 30308 bytes (231836 left)
vlan4ports=3 5
vlan2ports=4 5
vlan0ports=1 2 3 4 5*
vlan1ports=0 1 2 5*

root@E2500:~# nvram show | grep port.*vlan
size: 30308 bytes (231836 left)
port5vlans=0 1 4 16
port3vlans=0 18 19 21
port1vlans=0 18 19 21
port4vlans=4 18 19 21
port2vlans=0 18 19 21
port0vlans=1 18 19 21
root@E2500:~# 

#########################################################

# E2500 defaults --
root@DD-WRT:~# nvram show | grep vlan.*ports
vlan2ports=4 5
size: 27537 bytes (234607 left)
vlan0ports=1 2 3 4 5*
vlan1ports=0 1 2 3 5*

root@DD-WRT:~# nvram show | grep port.*vlans
size: 27537 bytes (234607 left)
port5vlans=0 1 16
port3vlans=0 18 19 21
port1vlans=0 18 19 21
port4vlans=0 18 19 21
port2vlans=0 18 19 21
port0vlans=1 18 19 21