ICMP communication between router and pfsense

mr_bobo

I'm using the default pfSense firewall rules, have full internet connectivity on all my machines, and am very happy with the way pfSense is performing, but have a question about ICMP communication between the router and pfSense firewall behind it.

The setup is router -> pfSense -> switch -> machines and I can connect to the net and to the firewall GUI without any problem.

From pftop:

PR     D  SRC           DEST         STATE    AGE      EXP      PKTS    BYTES

ICMP   0  Firewall      Router       0:0      32033    10       63996   4001k

I take it this is just the firewall pinging the router and it responding, but should it be doing this continuously? I had to reboot last night due to an unrelated issue and it holds this state as long as it's up, both now and before I rebooted.

It's not a drain on resources or anything, I was just wondering if this was normal behavior or something that needed tweaking. TIA

Edit: The default router rule was not to respond to ping. I set it to respond to ping to see it if would release it but that doesn't seem to be the case. I can't make a specific rule for the firewall and would rather not have it respond to ping if I could get around it.

cmb

That's for the quality graph and determining gateway accessibility. You can turn off monitoring on the gateway if you don't need those.

mr_bobo

It's not hurting anything so I'll just leave it as is for the graph.

Thanks a lot.