--- /root/test/etc/inc/filter.inc       2010-01-07 12:30:29.000000000 +0000
+++ /etc/inc/filter.inc 2010-01-07 20:54:27.000000000 +0000
@@ -1394,7 +1394,7 @@
        update_filter_reload_status("Setting up pass/block rules {$rule['descr']}");
 
        /* do not process reply-to for gateway'd rules */
-       if($rule['gateway'] == "" && interface_has_gateway($rule['interface'])) {
+       if($rule['gateway'] == "" && interface_has_gateway($rule['interface']) && !isset($rule['disablereplyto'])) {
                $rg = get_interface_gateway($rule['interface']);
                if(is_ipaddr($rg)) {
                        $aline['reply'] = "reply-to ( {$ifcfg['if']} {$rg} ) ";

--- /root/test/usr/local/www/firewall_rules_edit.php    2010-01-07 12:30:29.000000000 +0000
+++ /usr/local/www/firewall_rules_edit.php      2010-01-07 20:02:32.000000000 +0000
@@ -129,6 +129,8 @@
                $pconfig['quick'] = $a_filter[$id]['quick'];
        if (isset($a_filter[$id]['allowopts']))
                $pconfig['allowopts'] = true;
+       if (isset($a_filter[$id]['disablereplyto']))
+               $pconfig['disablereplyto'] = true;
 
        /* advanced */
        $pconfig['max'] = $a_filter[$id]['max'];
@@ -383,6 +385,10 @@
                        $filterent['allowopts'] = true;
                else
                        unset($filterent['allowopts']);
+               if ($_POST['disablereplyto'] == "yes")
+                       $filterent['disablereplyto'] = true;
+               else
+                       unset($filterent['disablereplyto']);
                $filterent['max'] = $_POST['max'];
                $filterent['max-src-nodes'] = $_POST['max-src-nodes'];
                $filterent['max-src-conn'] = $_POST['max-src-conn'];
@@ -957,6 +963,9 @@
                                <input type="checkbox" id="allowopts" value="yes" name="allowopts"<?php if($pconfig['allowopts'] == true) echo " checked"; ?>>
                                <br/><span class="vexpl"><?=gettext("This allows packets with IP options to pass. Otherwise they are blocked by default. This is usually only seen with multicast traffic.");?>
                                </span><p>
+                               <input type="checkbox" id="disablereplyto" value="yes" name="disablereplyto"<?php if($pconfig['disablereplyto'] == true) echo " checked"; ?>>
+                               <br/><span class="vexpl"><?=gettext("This will disable reply-to for this rule.");?>
+                               </span><p>
                                <input name="tag" id="tag" value="<?=htmlspecialchars($pconfig['tag']);?>">
                                <br /><span class="vexpl"><?=gettext("You can mark a packet matching this rule and use this mark to match on other NAT/filter rules. It is called <b>Policy filtering</b>");?>
                                </span><p>