I simply disabled the last two ones of your displayed rules with no further effect.
The IPv6-rules can be simply disabled when you disable the use of IPv6 in general. I remember to make the use of a single rule somewhere that completely kills IPv6 but right now I can’t tell you where exactly.
But it would be nice if someone experienced could explain the reason for each rule.
I wanted to discuss this topics here What is minimal/best secure firewall configuration but it seems almost no one is into it. I personally have deleted all rules except Allow DHCP renew. I also don’t use IPv6 and any inbound services. Consequently all home devices [PC, tablet, mobile, IPTV box] work fine.
Allow DHCP Renew allows the router to receive updates of its WAN IP address, therefore it is good to have it allowed
Allow PING is better to have disabled, hence the router will not respond to ping requests from the Internet, what makes it kinda hidden for hacker scanners
Attackers don’t need to ping your machine. IIRC it’s also typical nowadays that they directly connect to the service they try to attack (e.g. SSH) without any port scanning or pinging, but I’m no expert on this.
Of course, you may also switch your diagnostic approaches away from ping and then you don’t need to care, but I personally find it useful in typical cases.
Sry, but disabling PING doesn’t give you any additional security - what matters, is if you have open ports or not.
So the only reasons thing to harden security is closing ports.
Here we are talking about ping reply on WAN interface with public IP address, i.e. to the Internet. There is no need to block ping reply on WAN interface with private IP, LAN or corporate networks.
On WAN interface I haven’t seen any situation when ping reply would be needed or used as diagnostic tool, that it would be any useful. Therefore disabling makes no harm.
On the other hand, it may harm your router in some [rare?] cases:
Yes, it is first condition - to have all services disabled and all ports stealth [not only “closed”] on WAN interface.
I use https://www.grc.com/x/ne.dll?bh0bkyd2 for detecting open/closed/stealth ports.