I have just configured two Zeroshell machines. One is in bridge mode with an Atheros PCI card working in AP mode and two Ethernet cards. The other one is working in normal mode with one Ethernet and also an Atheros card working in AP mode. The first Atheros (let's call it NODE1) is working on channel 6 and it's using the 192.168.100.0/24 segment. The other one is working on channel 11 and it's working in the 192.168.200.0/24 segment (NODE2).
Now the problem...
The first machine is working in bridge mode in the same segment as the second one. Each one of the machines has its own IP and I can ping them from my laptop.
In the bridged machine (NODE1), the output interface is connected directly to NODE2.
In the Router –> NAT section, I have all the interfaces in masquerade (on both machines), and also a DHCP pool configured for each one of the wireless interfaces (on NODE1 and NODE2).
Now when I have a wireless client connected to NODE1, he cannot ping a user connected to NODE2 and vice versa.
In a few words, I need to merge two Zeroshell access points through a crossfade cable. I think I can solve the issue with IPTABLES but I haven't had success so far.
Your problem is not in IPTABLES but in NAT and ROUTING. First of all, remove the NAT from all the interfaces. Both your wireless and Ethernet interfaces are using private addresses and NAT is not necessary. You will NAT on the router that has an internet gateway. Then either enable RIP on ZS nodes 1 and 2, so they can exchange routing information, or add static routes for the wireless networks. For example, on node 1 add a static route for 192.168.200.0/24 via gw 10.0.0.2 and on node 2 add a static route for 192.168.100.0/24 via gw 10.0.0.1.
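
The static-route advice in the answer above, worked through as an added example (not part of the thread and not Zeroshell code): a small longest-prefix-match model of the two nodes showing that a ping between the wireless segments only succeeds once both static routes exist, because the echo reply needs its own route back. Assumptions: both nodes route rather than bridge, NAT is already removed, the wired link is 10.0.0.0/24 with node 1 at 10.0.0.1 and node 2 at 10.0.0.2, and the function names and any client addresses passed in are made up for illustration.

```python
import ipaddress as ip
LINK = "10.0.0.0/24"  # assumed wired link net, implied by gateways 10.0.0.1 / 10.0.0.2

def router(addr, wlan, static=()):
    """A node: address on the wired link, connected networks, optional static routes."""
    routes = [(ip.ip_network(wlan), None), (ip.ip_network(LINK), None)]
    routes += [(ip.ip_network(net), ip.ip_address(gw)) for net, gw in static]
    return {"addr": ip.ip_address(addr), "routes": routes}

def next_hop(node, dst):
    """Longest-prefix match: 'direct', a gateway address, or None when no route exists."""
    hits = [(net, gw) for net, gw in node["routes"] if dst in net]
    if not hits:
        return None
    net, gw = max(hits, key=lambda r: r[0].prefixlen)
    return "direct" if gw is None else gw

def path(nodes, start, dst, limit=4):
    """Node names a packet crosses from `start` toward dst, or None if it is dropped."""
    dst, hops, name = ip.ip_address(dst), [], start
    for _ in range(limit):  # limit guards against routing loops
        hops.append(name)
        hop = next_hop(nodes[name], dst)
        if hop is None:
            return None
        if hop == "direct":
            return hops
        name = next((n for n, r in nodes.items() if r["addr"] == hop), None)
        if name is None:
            return None
    return None

def home(nodes, addr):
    """The node whose connected network contains this client address."""
    a = ip.ip_address(addr)
    return next(n for n, r in nodes.items()
                if any(gw is None and a in net for net, gw in r["routes"]))

def ping_works(nodes, a, b):
    """Echo request must reach b and the echo reply must find its way back to a."""
    return (path(nodes, home(nodes, a), b) is not None
            and path(nodes, home(nodes, b), a) is not None)

def build(route_on_1=False, route_on_2=False):
    """Two nodes with the thread's addressing; static routes are the ones in the answer."""
    r1 = [("192.168.200.0/24", "10.0.0.2")] if route_on_1 else []
    r2 = [("192.168.100.0/24", "10.0.0.1")] if route_on_2 else []
    return {"node1": router("10.0.0.1", "192.168.100.0/24", r1),
            "node2": router("10.0.0.2", "192.168.200.0/24", r2)}
```

Calling `ping_works(build(True, False), "192.168.100.50", "192.168.200.50")` with constructed client addresses shows the half-configured case: the request reaches node 2, but the reply is dropped there for lack of a route to 192.168.100.0/24.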