This command is for preventing the ip address from working "chain=forward src-address=10.1.90.110 action=drop "
how do i block the whole of 10.1.90.1/24 and allow only a few to work as and when need be?

this will be a good security for my network

Add accept rules for specific IPs and drop the rest from subnet

chain=forward src-address=10.1.90.110 action=accept
chain=forward src-address=10.1.90.0/24 action=drop

i still do have a reply on 10.1.90.110

Of course you'll have a reply from 110! That's the only one that will reply!
Add a rule like the one for 110 for each IP you need working. Those are the ones that will reply!
Pice of cake...

it still does not work.
all ips on that block are still replying
and traffic is been passed alright
is there a way i can do this ?

Do those client flow through this router? They will pass if they see each other directly.
How do you test pings? where do you point to?
You're placing the rule in forward, not input...
Do you have a bridge? if that's so, firewall won't work
Is connection tracking enabled?
Do OTHER firewall rule work?

everything is yes apart from it been a bridge

you should show your ip addresses and routing, as well as where you're pinging to...

i am at 10.1.90.1 and i ping 10.1.90.110

the rout is to stop the ip 10.1.91.2 to 254 from working but ucan ping all of them

the whole idea is to make sure no ip in this block 10.1.90.1/24 works without my knowledge

so if u know any method i will be will to accept

If you are in the same subnet you're pinging, it won't work, as your're not going through the router!
It'll work when the router really works, that is from one subnet to other...