AP Isolation only for DHCP clients?

    I've been using Tomato firmware for a long time now, and I just noticed the thriving modding community that grew around it.

    I want to add the ability to have AP Isolation ON for all clients who connect and aren't on the Static DHCP list and have AP Isolation OFF for clients who are on the Static DHCP list.

    This way, anyone can connect to the AP and use the internet, but only clients that have been verified (added to the Static DHCP list) can talk to each other.

    I want to know the following:

    1. Is this possible?
    2. How hard do you think it'll be to implement?
    3. Can you point me in the right direction to get started (where to make changes)?

    PS: I understand C and have Linux on-hand. I'm not just begging for someone else to do all the work.
