Running a captive portal outside of the access point


I have a wireless router running OpenWrt, but with very little memory and space, so there is no chance I can install a captive portal like CoovaChilli and a RADIUS server on it. My plan is to use a Raspberry Pi connected to the router and install the portal there. There is only a single Ethernet connection between the router and the Raspberry Pi. The Raspberry Pi doesn't have a Wi-Fi module, so the idea is to let the router also be the access point. The router itself is connected to a DSL modem for the internet connection.

Network topology:

+---------------+        +-----------------+        +------------------------+
|               |        | D-Link          |        |  Raspberry PI          |
|  DSL MODEM    +------->+ Openwrt router  +------->+                        |
|               |        | (AP)            |        |  (runs captive portal) |
+---------------+        +-----------------+        +------------------------+

The question is how to set up a captive portal on a different device than the access point (iptables, proxy, ...)?


There is 1 best solution below


I'm rusty when it comes to networking, but this sounds like a combination of static routes, subnets, and setting the gateway would get what you want.

What your diagram is missing is that the network traffic comes back out of the RPi to the D-Link, then out to your other devices. Since that's a bit complicated for ASCII art, it's understandable.

What I'd look at doing is setting up a subnet for your RPi, along with a static IP for it. Then set up a static route between your "regular" subnet of devices and the RPi, as well as setting the default DHCP Gateway address as your address to the RPi. This static route should reroute all outbound traffic to the RPi. The Gateway will route any DHCP device to the RPi, but the static route will force all devices to use it, even if they aren't on DHCP.

You will then need to set up another static route so that any incoming traffic from the web goes to the RPi. Most of that traffic will be heading there anyway, as responses to requests, but this should also help prevent any intruders from getting direct access to your devices. An intelligent hacker can likely get around this, though, so it can't be considered 100% protection.

https://openwrt.org/docs/guide-user/network/routes_configuration

What I tried to describe is a basic DMZ. It looks like there should be the option to build that in a more standardized way with OpenWRT on your router. I included the above description just in case yours doesn't have that option.

https://openwrt.org/docs/guide-user/start

https://openwrt.org/docs/guide-user/network/routing.example.1.bridged.dmz

https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_dmz
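
The DHCP gateway part of the answer above, written out as OpenWrt UCI configuration together with a firewall rule so that clients which ignore the DHCP gateway cannot bypass the Pi. This is an added example, not part of the original answer or of OpenWrt's documentation. It assumes the Pi sits on the same LAN as the clients, that the router is 192.168.1.1 and the Pi 192.168.1.2, that the Pi forwards and masquerades client traffic, and that the firewall's default forward policy is REJECT; the MAC address and rule name are placeholders.

```conf
# --- /etc/config/dhcp on the OpenWrt router ---
# Constructed addresses: router 192.168.1.1, Pi 192.168.1.2 (assumptions).

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	# DHCP option 3 = default gateway handed to clients: the Pi, not the router
	list dhcp_option '3,192.168.1.2'

# Pin the Pi to a fixed address (placeholder MAC, replace with the Pi's own)
config host
	option name 'portal-pi'
	option mac '00:00:5E:00:53:01'
	option ip '192.168.1.2'

# --- /etc/config/firewall on the OpenWrt router ---
# Remove the stock lan -> wan forwarding section, so that no client
# can reach the internet through the router directly:
#   config forwarding
#   	option src 'lan'
#   	option dest 'wan'

# Only traffic sourced from the Pi may be forwarded to wan. Because the Pi
# masquerades (assumption), portal-approved client traffic arrives here
# with source 192.168.1.2; anything else hits the default REJECT.
config rule
	option name 'Allow-Portal-Pi-To-WAN'
	option src 'lan'
	option src_ip '192.168.1.2'
	option dest 'wan'
	option proto 'all'
	option target 'ACCEPT'
```

On the Pi, `net.ipv4.ip_forward=1` must be set for forwarding to work, and `net.ipv4.conf.all.send_redirects=0` stops it from sending ICMP redirects that point clients back at the router.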