# Calibration rule: alerts on every ICMP echo request (itype:8) sent from any
# source to 10.2.2.43. This variant carries no rate limit, so each matching
# packet raises an alert.
# NOTE(review): "autoshun" is not a stock Snort rule option; it presumably
# requires the matching plug-in to be loaded, and the meaning of 1999999 is
# defined by that plug-in - confirm before deploying.
# NOTE(review): sid:29366 is below 1000000, the range conventionally left to
# distributed rule sets; check it does not collide with a rule already loaded.
# NOTE(review): ICMP source addresses are not authenticated. If this option
# feeds automated blocking, keep infrastructure addresses on an allowlist -
# confirm against the plug-in's documentation.
alert icmp any any -> 10.2.2.43 any (msg:"ICMP PING Calibration Test"; itype:8; sid:29366; classtype:misc-activity; rev:6; autoshun:1999999;)
# Alternative variant, only for sites that implement the "exec" plug-in.
# Its threshold limits alerting to one alert per source address per 3600
# seconds; "exec:hotalert" is interpreted by that plug-in, not by stock Snort.
# Enable only one of the two variants: both use sid:29366 with rev:6.
# alert icmp any any -> 10.2.2.43 any (msg:"ICMP PING Calibration Test"; itype:8; sid:29366; classtype:misc-activity; rev:6;threshold: type limit, track by_src, seconds 3600, count 1; exec:hotalert;)