Firewall issues - Rules not working - WRT3200ACM on 21.02.3

Not sure what is happening here. I noticed some firewall rules are not working. I made no changes to the firewall rules or configuration in over a year. Two things I have noticed so far: My router should not be responding to icmp pings on IPv4. I ran ping tests from remote servers, and my router is responding to pings:

This rule is in /etc/config/firewall:

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option family 'ipv4'
	option target 'ACCEPT'
	list icmp_type 'echo-request'
	option limit '500/second'
	option enabled '0'

Second, I have chain set to DROP. But this is not working either. Router is responding and not ignoring:

Like the last rule, this is also in /etc/config/firewall:

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option output 'ACCEPT'
	option masq '1'
	option mtu_fix '1'
	option input 'DROP'
	option forward 'DROP'

How can I investigate this? This is very strange.

I restored the default firewall config from /rom/etc/config/firewall. To test, I changed the ping rule to disable and it worked. The rule had the exact same lines, but in a different order. So I don't know if this was the problem. I copied this rule into my old firewall config, and did the same for the rule to drop and it worked.

I replaced my old rules with these lines from the default config:

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option limit '500/sec'
	option target 'ACCEPT'
	option enabled '0'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'DROP'
	option output 'ACCEPT'
	option forward 'DROP'
	option masq '1'
	option mtu_fix '1'

After copying those two rules from the default config to my own, I restarted the firewall service and everything was working as expected.
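One way to approach the "How can I investigate this?" question, as an added example that is not part of the original posts: a shell function that reads a UCI firewall config and reports whether IPv4 pings arriving on the 'wan' zone are meant to be answered, so the result can be compared with a ping test from outside. The function name `wan_ping_intent` and the sample file are assumptions made for this example.

```shell
# Added example (not from the thread): read a UCI firewall config and report
# whether IPv4 echo-requests arriving on zone 'wan' are meant to be answered.
# Limits: ignores src_ip and other extra matches, and the 'defaults' section.
wan_ping_intent() {   # prints: allowed | blocked | unknown
    awk -v q="'" '
    function val(   s) {                 # text after the key, outer quotes stripped
        s = $0
        sub(/^[ \t]*(option|list)[ \t]+[^ \t]+[ \t]+/, "", s)
        gsub("^[\"" q "]|[\"" q "][ \t]*$", "", s)
        return s
    }
    function endsec() {                  # evaluate the section that just ended
        if (type == "zone" && o["name"] == "wan") policy = o["input"]
        if (type == "rule" && o["src"] == "wan" && o["dest"] == "" &&
            o["target"] == "ACCEPT" && o["enabled"] != "0" &&
            o["family"] != "ipv6" && (" " o["proto"] " ") ~ / (icmp|all) / &&
            (o["icmp_type"] == "" || o["icmp_type"] ~ /echo-request/))
            accept = 1
        split("", o)                     # portable way to clear the array
    }
    $1 == "config" { endsec(); type = $2; next }
    $1 == "option" { o[$2] = val(); next }
    $1 == "list"   { o[$2] = o[$2] " " val(); next }
    END {
        endsec()
        if (accept || policy == "ACCEPT") print "allowed"
        else if (policy == "DROP" || policy == "REJECT") print "blocked"
        else print "unknown"
    }' "$1"
}

# Constructed sample, abridged from the default-config sections quoted above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'
	option enabled '0'

config zone
	option name 'wan'
	option input 'DROP'
EOF
wan_ping_intent "$sample"   # -> blocked
rm -f "$sample"
```

On the router the function would be pointed at /etc/config/firewall. A "blocked" result while the router still answers pings from outside means the rules actually loaded differ from what the config file expresses.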
