it seems I have to correct myself (shame on me).
It looks like this only happens when "traffic shaper" had been enabled
once (doesn't matter if it is active any longer or not). Then some ipfw
rules are injected, beside others the rule " deny from any to any"
(19902). This one drops any icmp redirect on the LAN interface.