# pf ~~ tasks/main.yml --- - name: Generate pf configuration template: src: templates/pf.conf.j2 dest: /etc/pf.conf owner: root group: "{{ group_root }}" mode: "0600" - name: Enable pf shell: /sbin/pfctl -e ignore_errors: true - name: Restart pf shell: /sbin/pfctl -f /etc/pf.conf - name: Test ssh connection on new pf rule wait_for: port: 22 delay: 2 state: started