Firewall/NAT

I have a Soekris 5501-70 with 4 Network interfaces configured in the following manner.

eth0 : WAN : Public IP DHCP
eth1 : LAN : 10.1.0.1/24
eth2 : OPT1 : 10.2.0.1/24
eth3 : OPT2 : 10.3.0.1/24

I've tried numerous  combinations  of Firewall rules to try and prevent the three private networks from talking to each other.  However, regardless of my efforts any host on any of the private networks can always ping any host on any of the other private networks. 

Can anyone explain to me how make it so each private network can see out to the internet but not see each other.

** Would like to add that all the private Subnets have their own switches and are not physically connected except at the Soekris box, obviously.

Thank you for any assistance

Jason.

You need Firewall: Rules for each interface blocking traffic to the other interfaces except the WAN.

While I believe I've tried this .. I'll give it another go.
 Thanks so much for the response.

This may be easier, go to your firewall rules where you have the default rule on your LAN for example that is set for the source being "LAN net" and the destination is just *, * , * , etc.

Edit that rule and change the destination from "any" to "WAN address". Do that for all the other rules for the OPT1 and OPT2 and that should funnel all your LAN networks down the WAN only and they won't be able to talk to each other then (such as ping).