---
- name: enable pf
  community.general.sysrc:
    name: pf_enable
    value: "YES"
  notify: start pf

- name: enable pflog
  community.general.sysrc:
    name: pflog_enable
    value: "YES"
  notify: start pflog

- name: template pf.conf
  template:
    src: pf.conf.j2
    dest: /etc/pf.conf
  notify: reload pf

- meta: flush_handlers