Solved PF - rule expands to no valid combination

Could someone please explain what I am doing wrong here?

Simply changing "inet" to "inet6" and the rule is no longer accepted - I receive a "rule expands to no valid combination" error.
Code:
# block ssh scanners
pass in quick log on $EXT_IF inet6 proto tcp from any to $SERVER port $SSH \
        flags S/UAPRSF modulate state \
        (max-src-conn-rate 3/30, overload <blacklist> flush global)
 
So, the variable expands to an IPv4 address and the rule was made for IPv6 (inet6). Hence the error.
 
Back
Top