Dear ExpertsI have Checkpoint NG FP3 firewall with the three
interfaces with the following network structure.

internet ------1.firewall-2.---- DMZ (StaticNAT)
`-3.------ LAN


Hosts using gateway of interface2 can able to access the resources of
intra+internet.My question is that how to make firewall rules so that
hosts using g/w of interface 3 can't able to ping
Any suggestions is greatly appreciated.