You seem to have everything in a single bridge.
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge interface=wlan2
add bridge=bridge interface=ether1
But you have wlan1 as WAN and nothing about wlan2:
/interface list member
add interface=wlan1 list=WAN
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
What would this firewall rule do?
/ip firewall filter
add action=drop chain=input comment=“defconf: drop all not coming from LAN”
in-interface-list=!LAN
This might be useful:
http://forum.mikrotik.com/t/interface-list-behaviors/167669/1