diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index 72973749d..0255fc2ec 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -471,6 +471,9 @@ function filter_configure_sync($verbose = false)
         $limitrules .= "set limit states {$max_states}\n";
         $limitrules .= "set limit src-nodes {$max_states}\n";
     }
+    if (!empty($config['system']['maximumfrags'])) {
+        $limitrules .= "set limit frags {$config['system']['maximumfrags']}\n";
+    }
 
     if (isset($config['system']['lb_use_sticky']) && is_numeric($config['system']['srctrack']) && ($config['system']['srctrack'] > 0)) {
         $limitrules .= "set timeout src.track {$config['system']['srctrack']}\n";
diff --git a/src/www/system_advanced_firewall.php b/src/www/system_advanced_firewall.php
index 03dfd5145..1e8775061 100644
--- a/src/www/system_advanced_firewall.php
+++ b/src/www/system_advanced_firewall.php
@@ -45,6 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
     $pconfig['disablefilter'] = !empty($config['system']['disablefilter']);
     $pconfig['optimization'] = isset($config['system']['optimization']) ? $config['system']['optimization'] : "normal";
     $pconfig['maximumstates'] = isset($config['system']['maximumstates']) ? $config['system']['maximumstates'] : null;
+    $pconfig['maximumfrags'] = isset($config['system']['maximumfrags']) ? $config['system']['maximumfrags'] : null;
     $pconfig['adaptivestart'] = isset($config['system']['adaptivestart']) ? $config['system']['adaptivestart'] : null;
     $pconfig['adaptiveend'] = isset($config['system']['adaptiveend']) ? $config['system']['adaptiveend'] : null;
     $pconfig['aliasesresolveinterval'] = isset($config['system']['aliasesresolveinterval']) ? $config['system']['aliasesresolveinterval'] : null;
@@ -83,6 +84,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
     if (!empty($pconfig['maximumstates']) && !is_numericint($pconfig['maximumstates'])) {
         $input_errors[] = gettext("The Firewall Maximum States value must be an integer.");
     }
+    if (!empty($pconfig['maximumfrags']) && !is_numericint($pconfig['maximumfrags'])) {
+        $input_errors[] = gettext("The Firewall Maximum Frags value must be an integer.");
+    }
     if (!empty($pconfig['aliasesresolveinterval']) && !is_numericint($pconfig['aliasesresolveinterval'])) {
         $input_errors[] = gettext("The Aliases Hostname Resolve Interval value must be an integer.");
     }
@@ -160,6 +164,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
 
         $config['system']['optimization'] = $pconfig['optimization'];
         $config['system']['maximumstates'] = $pconfig['maximumstates'];
+        $config['system']['maximumfrags'] = $pconfig['maximumfrags'];
         $config['system']['aliasesresolveinterval'] = $pconfig['aliasesresolveinterval'];
         $config['system']['maximumtableentries'] = $pconfig['maximumtableentries'];
 
@@ -483,6 +488,17 @@ include("head.inc");
                     </div>
                   </td>
                 </tr>
+                <tr>
+                  <td><a id="help_for_maximumfrags" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Firewall Maximum Fragments");?></td>
+                  <td>
+                    <input name="maximumfrags" type="text" id="maximumfrags" value="<?=$pconfig['maximumfrags'];?>" />
+                    <div class="hidden" for="help_for_maximumfrags">
+                      <strong><?=gettext("Sets the maximum number of entries in the memory pool used for fragment reassembly.");?></strong>
+                      <br />
+                      <?=gettext("Note: Leave this blank for the default.");?>
+                    </div>
+                  </td>
+                </tr>
                 <tr>
                   <td><a id="help_for_maximumtableentries" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Firewall Maximum Table Entries");?></td>
                   <td>