first of all you have to check the "*Disable webGUI anti-lockout rule"
box under Advanced.
If this box is unchecked the traffic from your lan is always permitted,
no matter what firewall rules are defined.
Of course you have to make sure, that you create a rule which allows
webgui access, otherwise you will not be able to login to the gui anymore.
After that you can use you rule to block icmp packets on the lan
interface. But make sure, you place your rule before the "default lan ->
*Marx, Guido WI schrieb:
> I'm running m0n0wall on an EPIA CL6000 ITX-Board with CF and it works
> perfectly, thanks Manuel.
> Now there is one thing I haven't figured out yet.
> How do I reject ping on the local LAN-Interface of my firewall. Rules like
> "reject; PROTOCOL: icmp; SOURCE-IP: lan net; DEST-IP: IP of firewall"
> doesn't work and that's ok so for my opinion.
> Is there an other way to realize my intention.