Hello,
I am attempting to isolate my Wifi connections from my LAN connection. I have setup these rules in the firewall used for Isolating them. I can get on the internet from Wifi and LAN successfully.

chain=forward action=drop src-address=10.10.219.0/24 dst-address=172.16.30.0/24 log=no log-prefix=""
chain=forward action=drop src-address=172.16.30.0/24 dst-address=10.10.219.0/24 log=no log-prefix=""

They are enabled but, I still ping from one network to another and I receive responses. When I look at the firewall rules and send ping commands I do not see that counters are incrementing at all. Is there anything I could be missing? Thanks for any help.

Did you unbridge them first?

Hello R1CH,
This is my setup. Eth1 is WAN Connection. Eth2, Eth3 and WLAN1 are all bridged together and connect to the LAN only Eth2 and WLAN1 are being used. I have setup a VAP off WLAN1, this is for the public users. WLAN1 is for private users. So, the traffic I am trying to isolate is the VAP from the other network. Since I need to have WLAN1 bridged to Eth1 and Eth2, will I be able to isolate the VAP traffic at all or do I need to reconfigure the bridges or should I use VLAN?

Thanks again for the help

Are you trying to ping different machines, not just the router's address in other subnet?

I am pinging the routers interface. So I connect to one the public wifi SSID and I am pinging the private IP interface. As I write this I realize, I will be able to do this. Sorry, I will connect another device to the other network and try to ping to it. I will let you know the result.