I have just converted to using my RB951G router board in my home network. Everything looks great except that I have one problem. In using the http://www.grc.com port testing site, All ports seem to be stealth except the icmp echo reply is open and previously going thru a cisco pix 501, it was always stealth. I have looked at much documentation, and have also added the following instruction from the manual, ( I added the accept=drop ) to no avail. Can someone suggest how I just bypass icmp echo reply only. Thanks in advance.
add chain=icmp protocol=icmp icmp-options=0:0 action=drop
Fixed:
/ip firewall filter
add chain=input protocol=icmp icmp-options=0:0 action=drop
comment=“echo reply”
add chain=input protocol=icmp icmp-options=8:0 action=drop
comment=“allow echo request”
add chain=input protocol=icmp action=accept
comment=“Allow ICMP”