That one rule will not prevent traffic from the ether2 LAN getting to the ether1 LAN. You would have to write another rule with the in and out interfaces flipped to do that, if that is what you want.
there is a option in wireless interface- advanced
enable adaptiv noise immunity -> AP-Client mode
that's all, i don't know why but the solution is
simple and work good, the link is stable over months