Michael12345
Member Candidate
Topic Author
Posts: 139
Joined: Wed Oct 28, 2009 8:44 am

How to sever workstation from each other?

Tue Dec 01, 2009 2:38 pm

The following picture is my network topology.
1. When I copied a file from one station to another, the traffic graphs for "interface-ether1" and "interface-ether2" showed no change, while the transfer rate displayed in "local connection" was up to 82Mb/s. Does it mean that the transfer goes directly through the switch and not through the Mikrotik router?
2. After I used the "drop-input" and "drop-output" commands in the "firewall-filter rules", I took for granted that it would sever the connection between the stations on the Ethernet. But it doesn't seem to work; I can still use Microsoft workgroup to transfer files to and fro between them. Why? And what can I do to isolate the stations from each other?
3. Is the "input" command in charge of the communication between the workstations on the Ethernet? Does the "forward" command take charge of the traffic flow between the workstations and the outside internet?
 
Chupaka
Forum Guru
Posts: 8716
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus

Re: How to sever workstation from each other?

Tue Dec 01, 2009 3:00 pm

All communication between workstations should be blocked at the switch. These packets go directly, not via the router.
 
Michael12345
Member Candidate
Topic Author
Posts: 139
Joined: Wed Oct 28, 2009 8:44 am

Re: How to sever workstation from each other?

Tue Dec 01, 2009 5:49 pm

What is the concept of "input" and "forward"? I don't much understand the concept of "forward". According to some references, "forward" means packets which come from the internet going into the router, but these packets are not intended to go to any one of the workstations on the Ethernet; instead they detour to the "output" interface and are then "forwarded" to another IP address. Why should they do that? Would this "forward" manner use my router's resources? And how can I cut off this "forward" traffic flow?
 
fewi
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: How to sever workstation from each other?

Tue Dec 01, 2009 6:05 pm

input = traffic destined for the router itself
output = traffic created by the router itself
forward = traffic flowing through the router between devices on two sides of it

But as Chupaka said, traffic between those workstations on the same network does not flow through the router. Devices on the same network talk to each other directly; routers only get involved when devices need to talk to a network they are not on.

Maybe read up on TCP/IP in general: http://www.ipprimer.com/overview.cfm
 
Michael12345
Member Candidate
Topic Author
Posts: 139
Joined: Wed Oct 28, 2009 8:44 am

Re: How to sever workstation from each other?

Wed Dec 02, 2009 3:39 am

1. A few days ago, I thought that the communication between two workstations on the same Ethernet would pass through the "input" chain, but you said that is not true. Then what kind of traffic flow would pass through the "input" chain?
2. "input = traffic destined for the router itself". When I used the "drop-input" command in the firewall, all packets destined for my router were dropped. That means I cannot get on the net, because all the packets from the outside world destined for my computer were dropped, but I can still get on the net as usual. Then what kind of packets are dropped in the "drop-input" chain?
 
fewi
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: How to sever workstation from each other?

Wed Dec 02, 2009 4:23 am

There is no built-in 'drop-input' chain. So I don't know what you're referring to.

'input' contains packets destined to the router itself, like I said. Dropping packets in the 'input' chain means that packets to an IP address configured on the router will be dropped. It does not affect packets destined to clients connecting through the router.

Maybe read up on TCP/IP in general.
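
Added example, not part of any post in this thread: a small Python model of the input/output/forward definitions given above, showing which chain (if any) sees a flow and why a drop rule on the router cannot stop workstation-to-workstation traffic on the same subnet. The interface addresses, sample flows and function names are constructed for illustration, and the model assumes unicast IPv4 with workstations attached to a separate switch and no NAT.

```python
import ipaddress

# Constructed topology (assumed, not taken from the thread): router addresses
# per interface, with the prefix of the network each interface sits on.
ROUTER_INTERFACES = {
    "ether1": ipaddress.ip_interface("203.0.113.2/30"),   # uplink
    "ether2": ipaddress.ip_interface("192.168.88.1/24"),  # LAN behind the switch
}

def classify(src, dst, interfaces=ROUTER_INTERFACES):
    """Name the filter chain that sees a unicast packet src -> dst.

    Returns "input", "output", "forward", or "not-routed" when both hosts
    share a subnet and the switch delivers the frame without the router.
    """
    src = ipaddress.ip_address(src)
    dst = ipaddress.ip_address(dst)
    router_ips = {iface.ip for iface in interfaces.values()}
    if dst in router_ips:
        return "input"       # destined for the router itself
    if src in router_ips:
        return "output"      # created by the router itself
    for iface in interfaces.values():
        if src in iface.network and dst in iface.network:
            return "not-routed"  # same subnet: never handed to the router
    return "forward"         # passes through the router between networks

def flows_stopped_by(chain, flows):
    """Flows that a blanket drop rule in `chain` would actually stop."""
    return [f for f in flows if classify(*f) == chain]

# Constructed sample flows (documentation address ranges).
SAMPLE_FLOWS = [
    ("192.168.88.10", "192.168.88.20"),  # workstation to workstation
    ("192.168.88.10", "192.168.88.1"),   # workstation to the router
    ("192.168.88.10", "198.51.100.7"),   # workstation to an internet host
    ("192.168.88.1", "198.51.100.7"),    # traffic the router originates
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow, "->", classify(*flow))
```
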