ICMP is always allowed in the default policy even if you set the default to block. Only with an user rule it can blocked. But ICMP is not only for ping it also reports closed/unreachable messages and is used for mtu detection so you should not block it at all.