diff --git a/CHANGELOG.md b/CHANGELOG.md
index 199fe6d..3e1a2d9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,7 @@
 ### Default Rules
 * Use more sets and vars definitions to avoid multiple rules.
+* Allow outgoing icmp.
 ## v1.0
diff --git a/README.md b/README.md
index 22230c4..411f9f8 100644
--- a/README.md
+++ b/README.md
@@ -93,6 +93,8 @@ nft_output_default_rules:
 - jump global
 015 localhost:
 - oif lo accept
+ 050 icmp:
+ - ip protocol icmp accept
 200 output udp accepted:
 - udp dport @output_udp_accept ct state new accept
 210 output tcp accepted:
@@ -190,6 +192,7 @@ table inet firewall {
 type filter hook output priority 0; policy drop;
 jump global
 oif "lo" accept
+ ip protocol icmp accept
 udp dport @output_udp_accept ct state new accept
 tcp dport @output_tcp_accept ct state new accept
 }
@@ -206,20 +209,14 @@ table inet firewall {
 - role: ipr-cnrs.nftables
 ```
-* Use default rules with allow ICMP and count dropped input packets :
-
-`group_vars/all` :
-
-``` yaml
-nft_global_group_rules:
- 002 icmp:
- - ip protocol icmp accept
-```
+* Use default rules with allow incoming ICMP and count dropped input packets :
 `group_vars/first_group` :
 ``` yaml
 nft_input_group_rules:
+ 020 icmp:
+ - ip protocol icmp icmp type echo-request ip length <= 84 counter limit rate 1/minute accept
 999 count policy packet:
 - counter
 ```
diff --git a/defaults/main.yml b/defaults/main.yml
index d448be5..9e48156 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -48,6 +48,8 @@ nft_output_default_rules:
 - jump global
 015 localhost:
 - oif lo accept
+ 050 icmp:
+ - ip protocol icmp accept
 200 output udp accepted:
 - udp dport @output_udp_accept ct state new accept
 210 output tcp accepted:
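Review bot: The new `050 icmp` rule in defaults/main.yml only matches IPv4, because `ip protocol icmp` is an IPv4-header match, while the README shows the chain lives in `table inet firewall` with `policy drop` on output; on a dual-stack host outgoing ICMPv6 (neighbour discovery, echo, PMTU replies) stays blocked, which the changelog entry "Allow outgoing icmp" would not lead a user to expect. If IPv6 is meant to be covered, the rule could be written as `- meta l4proto { icmp, icmpv6 } accept` (or a second entry with `ip6 nexthdr icmpv6 accept`); if IPv4-only is intentional, a comment on the `050 icmp:` key saying so would spare the next reader the same question. The same `ip protocol icmp accept` line is repeated in the README example hunks, so whichever form is chosen should be mirrored there.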