diff --git a/common/Make.rules b/common/Make.rules
index 3e46eb49b..88b343220 100644
--- a/common/Make.rules
+++ b/common/Make.rules
@@ -198,7 +198,7 @@ list_capabilities: /usr/include/linux/capability.h
 # to mediate. We use PF_ here since that is what is required in
 # bits/socket.h, but we will rewrite these as AF_.
-FILTER_FAMILIES=PF_UNSPEC PF_UNIX
+FILTER_FAMILIES=PF_UNIX
 __FILTER=$(shell echo $(strip $(FILTER_FAMILIES)) | sed -e 's/ /\\\|/g')
diff --git a/parser/tst/simple_tests/network/network_ok_2.sd b/parser/tst/simple_tests/network/network_ok_2.sd
index bb16a23cc..2ad66afdd 100644
--- a/parser/tst/simple_tests/network/network_ok_2.sd
+++ b/parser/tst/simple_tests/network/network_ok_2.sd
@@ -3,6 +3,7 @@
 #=EXRESULT PASS
 #
 /usr/bin/foo {
+ network unspec,
 network inet,
 network ax25,
 network ipx,
diff --git a/parser/tst/simple_tests/network/network_ok_7.sd b/parser/tst/simple_tests/network/network_ok_7.sd
new file mode 100644
index 000000000..2a8ccf887
--- /dev/null
+++ b/parser/tst/simple_tests/network/network_ok_7.sd
@@ -0,0 +1,9 @@
+#
+#=DESCRIPTION basic unspec network tests
+#=EXRESULT PASS
+#
+/usr/bin/foo {
+ network unspec stream,
+ network unspec dgram,
+ network unspec raw,
+}
diff --git a/tests/regression/apparmor/tcp.sh b/tests/regression/apparmor/tcp.sh
index 73eff1b27..da9a6a6f0 100755
--- a/tests/regression/apparmor/tcp.sh
+++ b/tests/regression/apparmor/tcp.sh
@@ -52,6 +52,10 @@ runchecktest "TCP (accept, connect) low numbered port/bind cap" pass 23
 genprofile network:inet
 runchecktest "TCP (accept, connect) low numbered port/no bind cap" fail 23
+# FAIL TEST - make sure that unspec doesn't match
+genprofile network:unspec
+runchecktest "TCP (accept, connect) wrong socket family" fail 23
+
 exit 0
 # PASS TEST - accept via interface
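Review bot: The comment above the assignment still only explains that FILTER_FAMILIES lists families that are not mediated; nothing records why PF_UNSPEC was removed from the list, so a later reader of the generated family table cannot tell whether accepting unspec was deliberate. Suggest adding, directly above the assignment, `# PF_UNSPEC is intentionally not filtered: the parser accepts "network unspec" rules (see parser/tst/simple_tests/network/network_ok_7.sd).` Separately, both the changed line and the `__FILTER` line below it use recursive `=` around a `$(shell ...)`, so the echo/sed pipeline is re-run on every expansion of `__FILTER`; `FILTER_FAMILIES := PF_UNIX` and `__FILTER := $(shell ...)` would compute the value once, and with a single family the sed alternation still degrades to a plain match. Whatever consumes `__FILTER` lies outside the hunk.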
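Review bot: The new fail case is only meaningful together with the `genprofile network:inet` / `pass 23` run directly above it, which shows the same binary succeeds when the correct family is granted; the comment should say so, otherwise a later reordering could leave a negative test that "passes" for unrelated reasons. Suggest `# FAIL TEST - unspec must not grant inet access (the inet pass case above shows the binary itself works)`. The new lines are also inserted immediately before the existing `exit 0`, so the `# PASS TEST - accept via interface` cases after it are never reached; that is pre-existing, but if it is intentional a comment on the `exit 0` explaining why would help.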