Alternative solution to multiple AP WDS?

I've been reading a lot of the forum and found tons of helpful information. I'm still stuck on getting a setup for my environment with 2 NS2's, a home router and variety of clients.

My home ethernet (Linksys) router has 3 computers sharing a internet connection on 192.168.2.x.
A NanoStation is attached to one of the 4 ports, call it AP1. There are NO wireless clients in area to connect to it. I'm thinking of this as the backhaul from the wired connection to the wireless AP (AP2) about 1000' away from my house.
AP2 will be the access point for multiple wireless clients, transmitting data back through AP1 and the home router to the Internet. Someday, I may add another AP further out in the neighborhood, so this AP2 would use WDS to reach another AP.

Internet <-> router ( <-> AP1 <-> AP2 <-> Wifi clients/NS-Loco (Station)
Internet <-> router ( <-> Home PC (

Here are my questions:
a) Is there a way to prevent the Wifi clients from being able to see/access my Home PC?
b) What IP configuration on the APs? This is where I've experimented with the NS2s in router mode, and with Alias IPs ( instead of 192.168.2.x).
c) What Link setup makes the most sense? Do I want to use AP1 in Station WDS mode and AP2 in Access Point WDS, or vice versa, or both in AP WDS mode?

I found the Wiki has a HOWTO showing both devices in AP WDS mode, using static IPs on the same network block as the router. This allows clients to access both nodes (I don't need them to access the AP1 node), but cuts the bandwidth in half. I read that Station WDS would operate faster that if both NS2s are in Access Point WDS mode.
Re: Alternative solution to multiple AP WDS?

There are a couple of different ways you can seperate your wireless traffic from your nanostation from your home lan traffic. Depending on which linksys router you have you can either put the nanostation on a different subnet or you can set up VLANS. If you set up the nanostation as AP WDS then the other antenna as station WDS. If you add another one you can set it up as station WDS and just repeat the signal. Of course you will symetrically reduce the amount of bandwidth available to the wireless clients.