UPDATED THIS POST TO SHOW THE CORRECT ANSWER
OPNsense 24.7.12_2-amd64
Set up an alias: Firewall-> Alias
Named it: blocklist
** Type: Host(s)
Content: 34.107.243.93 (single IP example)
Created Firewall Floating Rule: Firewall-> Rules-> Floating
Action: Block
Apply the action immediatly on match: checked
Interface: LAN & WAN
Direction: any
TCP/IP Version: IPv4
Protocol: any
Source: any
Destination: (alias) blocklist
PLACES TO CHECK
If not blocking, Try: Firewall-> Diagnostic-> States-> Actions-> Reset state table
Firewall-> Diagnostics-> Aliases-> (alias name) blocklist
Should show the IP address to be blocked
** ALIAS TYPES
Host(s): This type allows you to define individual IP addresses or subnets (CIDR blocks).
Usage: It's useful when you want to create an alias that contains a list of specific IP addresses
Example: 192.168.1.100, 10.0.0.0/24, 203.0.113.0/32.
URL (IPs): This type allows you to specify a URL that contains a list of IP addresses (the URL will return a plain list of IPs, typically in a text format).
Usage: It's useful for dynamically pulling a list of IP addresses from a URL (such as a publicly available threat intelligence feed).
Example: You could enter a URL that points to an IP blocklist file, and OPNsense will download and parse that list to use it in the alias.
Example URL: https://lists.blocklist.de/lists/all.txt
URL Table (IPs): This type allows you to define an alias based on a list of IP addresses that is fetched from a URL, similar to the URL (IPs) type. However, in this case, OPNsense treats the list as a "table" and will update the list periodically (according to the refresh interval you specify) and maintain it in memory for use in firewall rules.
If you want to block pinging that IP address, it would need to be the *destination* for your rule, not the source. With it as the source, you should be blocking ping *coming from* that address.
So the Floating rule should be:
Source: Any
Destination: (alias) Blocklist
This would be any (source) network on my LAN blocking traffic to that IP address. I thought by selecting interface LAN/WAN would block this IP going in and out with any protocol.
I just want to make sure no traffic in or out is going to or coming from the IP in the alias. Is there more I need to add to this rule for that?
source and destination in rules refer to the addresses (and, optionally (where applicable), ports) of the "connection". If a PC on your LAN is pinging a host on the internet, the destination is the host on the internet, regardless of which interface the traffic is being inspected at. If you want block an IP address as either the source or the destination for connections, you would need two rules. Note that (by default) no traffic is allowed inbound from WAN interfaces unless you explicitly add rules to allow it.