Long ago, just after the first unlock for the 2G was released this was my first project.
The problem is not getting DHCP or Bonjour to work (you do not need bonjour at all).
The iPhone will connect to the "celular data network" (3G, EDGE or GPRS) and get an IP address, normally an IP with Internet connectivity (outside of the private range).
The WLAN interface will be able to assign private addresses. It's ok and doable.
But you need to be able to "route" the packages with NAT, that is not only forward packages from one interface to the other, but change the package headers to allow sharing the single valid IP.
iPhoneOS is nothing more than a crippled version of MacOS, so the same structure is there. But the necessary kernel extensions are missing.
First, you need "ipfw" to control NAT routing parameters in the kernel. although we can compiled the user level command, it's impossible to add IP_FW support to kernel (or non trivial). Here is the results we got last year:
So, unless we find the proper kernel sources to replace the kernel on the phone, we are stuck. I may be wrong and I would love to see someone proving me wrong.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 172.16.2.1 netmask 0xffffff00 broadcast 172.16.2.255
ip1: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1450
inet 22.214.171.124 --> 126.96.36.199 netmask 0xffffffff
ip2: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1500
# sysctl -w net.inet.ip.forwarding=1
net.inet.ip.forwarding: 0 -> 1
# natd -interface ip1
# ipfw -f flush
ipfw: setsockopt(IP_FW_FLUSH): Protocol not available
# ipfw add divert natd all from any to any via ip1
ipfw: getsockopt(IP_FW_ADD): Protocol not available