Solved PF - rule expands to no valid combination

[Mayhem30]

Could someone please explain what I am doing wrong here?

Simply changing "inet" to "inet6" and the rule is no longer accepted - I receive a "rule expands to no valid combination" error.

# block ssh scanners
pass in quick log on $EXT_IF inet6 proto tcp from any to $SERVER port $SSH \
        flags S/UAPRSF modulate state \
        (max-src-conn-rate 3/30, overload <blacklist> flush global)

 

[usdmatt]

What's $SERVER?

 

[Mayhem30]

SERVER="11.22.33.44"

 

[SirDice]

So, the variable expands to an IPv4 address and the rule was made for IPv6 (inet6). Hence the error.

 

[Mayhem30]

Yeah, after I posted that I realized the mistake.

Thank you, marking this as solved.