The reason your filter won't work is the default deny at the End. This is a non-stateful filter. Which means that the source request from the junos router/firewall e tc will originate potentially on a dynamic-port. The reply will have to assume the source-port is permitted. Otherwise the Junos device won't allow the reply from the far end back.
Basically I do my LO0 filters as such..
term 1 permit what you want to permit and from where. (Specifically ports, source address or prefix-list etc)
term 2 the same as term 1 accept deny, and don't include any source address information
term 3 permit all. (this permits replies back for traffic originating from the router. IE NTP, BGP, OSPF, DNS, syslog, ETC)
So really the only difference, remove the ping permit policy, change term 2 to be the same as term 1 accept deny and make the last term a default permit.