The default setting in bastille-firewall.cfg is ALLOW_FRAGMENTS="Y". In the configuration file the notes say "There's no good reason to allow these". It also says ALLOW_FRAGMENTS="N" is the safest setting. Why is the default setting for ISPConfig ALLOW_FRAGMENTS="Y"? Is there any downside to changing this to "N" in the cfg file and the master cfg file?