And what, exactly, is the problem? Mark through iptables in mangle::FORWARD, after which the usual HTB on vlan* and eth1, drive traffic through filter fw acc. classes.
You will shape the outcome from the interface accordingly. NAT is absolutely not a hindrance since traffic coloring occurs before it.

Frankly speaking, the shaper in ipfw is MUCH more convenient than iproute2, so it’s quite possible to switch to a fryaha is the right decision ... Although it’s a Linuxoid itself, it’s all the same.

Shaper in Linux is harsh. The tc syntax only contributes to this. Especially if you need to honestly split the incoming bandwidth, I don’t know a simple native way to do this. Only with crutches in the form of IFB or IMQ, better than IFB, it is ideologically correct, and even it seems that there is no need to patch the kernel and iptables. Outgoing traffic (going from the router to users in the wilans) I would shape directly on their network interfaces. Incoming from users labeled and wrapped in IFB. The HTB class tree is hung on the IFB and users get each on their own leaf (leaf) by brand filters. I have traffic redirected with this wonderful command
$TC filter add dev $VLAN parent ffff: protocol ip prio 1 u32 match u32 0 0 flowid 1:1 action ipt -j MARK --set-mark $VID action mirred egress redirect dev $IFB
In short, put a freebie there, if you understand it, it will be easier for you and more reliable for users