Max. src. conn. Rate not working

  • Hi
    I am new to pfsense, thanks for any help i might receive.
    So, the situation:
    Small lan with nat after the firewall which is connected to the net by pppoe
    all works ok, but i want to limit the rate at which someone might want to scan me. for example 10 new connections in 5 seconds
    So i created a new rule on wan interface, pass action, src any, dst any (or firewal, or lan, doesn't work with any of them) advanced:
    Max. src. conn. Rate 10
    Max. src. conn. Rates 5
    And that's about it, or that's what i think it should be?
    Then i go and get scanned online, and the rule gets hit, it appears in the logs, but all the packets go through, in table virusprot the "attacker" doesnt get listed :(
    what am i doing wrong?
    thank you!