It depends on how technical you are trying to get with your diagrams.
I work with an equal mix of construction workers, electronics techs, and people who get nicknamed Spock or Egon everywhere they go.
Trying to get the construction guys up to speed, so they are useful on road trips and don't get sent home when the cement is poured. They want to learn, it's a per diem thing.
The Spocks and Egons are forgiving of technical errors, but make a mistake in writing around an electronics tech... You will never hear the end of it.
My two major concerns:
The firewall is hard-wired between WAN port and router, can't be attached to the switch via software changes?
DHCP affects only the switch and wireless clients, WAN is a client to a DHCP server on the WAN port only?
I am aware of that drawing, have a laminated copy of it. Put that in a tutorial, the construction guys will stuff me in a cement mixer.
The firewall is hard-wired between WAN port and router, can't be attached to the switch via software changes?
DHCP affects only the switch and wireless clients, WAN is a client to a DHCP server on the WAN port only?
The firewall is software, not hardware. Therefore it is not "hard-wired" to any individual external port. You can firewall traffic between any two switch ports by creating VLANs and filtering between them.
DHCP affects any clients connected to any port, except the WAN port when it is enabled as such. Of course, we know from the overview that the WAN port is just another switch port on this device. So even the WAN port can be made to allow DHCP clients (by putting it into the same VLAN as the other ports).
Mind you, not all dd-wrt capable routers use or support VLANs. And I am not as familiar with the ones that don't.
You can firewall traffic between any two switch ports by creating VLANs and filtering between them.
So I could theoretically make a firewall in my wireless bridge, limit what others could see in my network through the WISP? (university town with many computer science students)
Bridging is not the best option if you are trying to create secure boundaries between networks.
For example in the overview, the switch ports on vlan0 are bridged to wireless. There is no clear boundary between clients. Everyone appears to be on the same network.