We have two local networks on Mikrotik router, for example:
Network1: 192.168.1.0/24 on ether1 interface
Network2: 192.168.2.0/24 on ether2 interface
Let’s prevent access between devices of this two networks.
In Mikrotik terminal go to Firewall Filter:
/ip firewall filter
And create this two rules:
add chain=forward action=drop src-address=192.168.2.0/24 dst-address=192.168.1.0/24 add chain=forward action=drop src-address=192.168.1.0/24 dst-address=192.168.2.0/24
That’s all, now Mikrotik will block all traffic from computers in Network1 to computers in Network2 and from Network2 to Network1.
All other traffic to Internet will be working normally.
If You want to block traffic only from Network2 to Network1 – write only one rule:
add chain=forward action=drop src-address=192.168.2.0/24 dst-address=192.168.1.0/24