Really, it is not a command that you need. You need to create appropriate access lists. All access lists have an implicit deny at the end, which implies that anything not explicitly allowed is forbidden. For ping, you have to deny ICMP protocol packets of type echo-request (8) that enter through your interfaces. This will forbid any ping from outside to inside and the other way around.
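A small model of the access-list behaviour described above, as an added example that is not part of the original answer or any vendor's code: first-match evaluation with the implicit deny, applied inbound on two interfaces. The interface names `outside` and `inside`, the `Rule` and `Packet` types, the trailing `permit ip` rule and the sample packets are assumptions made for the illustration.

```python
from typing import NamedTuple, Optional

ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP type numbers


class Rule(NamedTuple):          # hypothetical rule shape, not a vendor syntax
    action: str                  # "permit" or "deny"
    proto: str                   # "icmp", "tcp", "udp", or "ip" for any protocol
    icmp_type: Optional[int] = None  # None matches every ICMP type


class Packet(NamedTuple):        # constructed sample traffic
    proto: str
    icmp_type: Optional[int] = None


def evaluate(acl, pkt):
    """Return the action of the first matching rule; no match is the implicit deny."""
    for rule in acl:
        if rule.proto not in ("ip", pkt.proto):
            continue
        if rule.icmp_type is not None and rule.icmp_type != pkt.icmp_type:
            continue
        return rule.action
    return "deny"  # implicit deny at the end of every access list


# The same inbound list on each interface: drop echo-request, allow the rest.
# Without the explicit permit, the implicit deny would drop all other traffic too.
NO_PING = [Rule("deny", "icmp", ECHO_REQUEST), Rule("permit", "ip")]
INBOUND = {"outside": NO_PING, "inside": NO_PING}


def forwarded(ingress, pkt):
    """True if the packet passes the inbound list of the interface it enters."""
    return evaluate(INBOUND[ingress], pkt) == "permit"


def ping_works(src_side):
    """A ping succeeds only if both the request and the reply are forwarded."""
    dst_side = "inside" if src_side == "outside" else "outside"
    return (forwarded(src_side, Packet("icmp", ECHO_REQUEST))
            and forwarded(dst_side, Packet("icmp", ECHO_REPLY)))


if __name__ == "__main__":
    for side in ("outside", "inside"):
        print(f"ping started from {side}: {'works' if ping_works(side) else 'blocked'}")
    print("tcp entering outside:", "forwarded" if forwarded("outside", Packet("tcp")) else "dropped")
```

In the model, the echo-request is dropped at whichever interface it enters, so ping fails in both directions while other traffic still matches the explicit permit.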