diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index f4faa06..3fc6b64 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1942,7 +1942,7 @@ function generate_user_filter_rule($rule, $ngcounter) {
 
 			if ($type == "pass") {
 
-				if( isset($rule['source-track']) or isset($rule['max-src-nodes']) or isset($rule['max-src-states']) )
+				if( isset($rule['max']) or isset($rule['source-track']) or isset($rule['max-src-nodes']) or isset($rule['max-src-states']) )
 					if($rule['protocol'] == "tcp")
 						$aline['flags'] = "flags S/SA ";
 				/*
@@ -1977,13 +1977,16 @@ function generate_user_filter_rule($rule, $ngcounter) {
 					$aline['flags'] = "keep state ";
 				}
 				if($noadvoptions == false) 
-					if( isset($rule['source-track']) and $rule['source-track'] <> "" or
+					if( isset($rule['max']) and $rule['max'] <> "" or
+					  isset($rule['source-track']) and $rule['source-track'] <> "" or
 					  isset($rule['max-src-nodes']) and $rule['max-src-nodes'] <> "" or
 					   isset($rule['max-src-conn-rate']) and $rule['max-src-conn-rate'] <> "" or
 					    isset($rule['max-src-conn-rates']) and $rule['max-src-conn-rates'] <> "" or
 					     isset($rule['max-src-states']) and $rule['max-src-states'] <> "" or
 					      isset($rule['statetimeout']) and $rule['statetimeout'] <> "") {
 						$aline['flags'] .= "( ";
+						if(isset($rule['max']) and $rule['max'] <> "")
+							$aline['flags'] .= "max " . $rule['max'] . " ";
 						if(isset($rule['source-track']) and $rule['source-track'] <> "")
 							$aline['flags'] .= "source-track rule ";
 						if(isset($rule['max-src-nodes']) and $rule['max-src-nodes'] <> "")
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index 3b9d289..b141d41 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -87,6 +87,7 @@ if (isset($id) && $a_filter[$id]) {
 	$pconfig['descr'] = $a_filter[$id]['descr'];
 
 	/* advanced */
+        $pconfig['max'] = $a_filter[$id]['max'];
         $pconfig['max-src-nodes'] = $a_filter[$id]['max-src-nodes'];
         $pconfig['max-src-states'] = $a_filter[$id]['max-src-states'];
         $pconfig['statetype'] = $a_filter[$id]['statetype'];
@@ -273,6 +274,7 @@ if ($_POST) {
 		$filterent['interface'] = $_POST['interface'];
 
 		/* Advanced options */
+		$filterent['max'] = $_POST['max'];
 		$filterent['max-src-nodes'] = $_POST['max-src-nodes'];
 		$filterent['max-src-states'] = $_POST['max-src-states'];
 		$filterent['statetimeout'] = $_POST['statetimeout'];
@@ -673,7 +675,8 @@ include("head.inc");
 				<input type="button" onClick="show_aodiv();" value="Advanced"> - Show advanced options
 			</div>
 			<div id="aodivmain" name="aodivmain" style="display:none">
-				<input name="max-src-nodes" id="max-src-nodes" value="<?php echo $pconfig['max-src-nodes'] ?>"><br> Simultaneous client connection limit<p>
+				<input name="max" id="max" value="<?php echo $pconfig['max'] ?>"><br> Maximum state entries<p>
+				<input name="max-src-nodes" id="max-src-nodes" value="<?php echo $pconfig['max-src-nodes'] ?>"><br> Simultaneous client connection limit<p>
 				<input name="max-src-states" id="max-src-states" value="<?php echo $pconfig['max-src-states'] ?>"><br> Maximum state entries per host<p>
 				<input name="max-src-conn-rate" id="max-src-conn-rate" value="<?php echo $pconfig['max-src-conn-rate'] ?>"> /
 				<select name="max-src-conn-rates" id="max-src-conn-rates">