diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
index 12bbcc8cb5..420f9d3ec6 100644
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
@@ -1086,8 +1086,8 @@ rdr-anchor "ftp-proxy/*"</programlisting>
 	    <acronym>ICMP</acronym> traffic from the local net through
 	    and stop probes from elsewhere at the gateway:</para>
 
-	  <programlisting>pass inet proto icmp icmp-type $icmp_types from $localnet to any keep state
-pass inet proto icmp icmp-type $icmp_types from any to $ext_if keep state</programlisting>
+	  <programlisting>pass inet proto icmp from $localnet to any keep state
+pass inet proto icmp from any to $ext_if keep state</programlisting>
 
 	  <para>Stopping probes at the gateway might be an attractive
 	    option anyway, but let us have a look at a few other