Hi,
I am not enable to block this traffic to my router, im using this rule,
chain=input action=drop protocol=icmp dst-address=x.x.x.x icmp-options=0:0-255
What am iam doing wrong? ?
Regard..
I don’t think you need the dst-address in there. There’s also no need for icmp-options, if you want to block any ICMP packets.
Perhaps consider changing that to
chain=input action=drop protocol=icmp in-interface=ether1
And just replace ether1 with whatever the interface where you receive internet is (or where you want to block incoming ICMP packets from). Remove in-interface if you want to block all ICMP packets from everywhere.
doesn’t help, I still cant catch the traffic 
If I try ping from a website to my public address it works, so what is the traffic iam getting? ?
wrong by me, the traffic goes out of the router, I can catch the traffic if i am using the output chain.
But I cant find where the traffic is generated?? I dont see it on my Lan interface
it looks like the router is generating this traffic :S
Solved, It was an dns attack