diff --git a/cdist/conf/type/__pf_rdr/manifest b/cdist/conf/type/__pf_rdr/manifest
index 83bf2ed8..39ab4470 100644
--- a/cdist/conf/type/__pf_rdr/manifest
+++ b/cdist/conf/type/__pf_rdr/manifest
@@ -1,20 +1,40 @@
-# TODO header :D
+#!/bin/sh -e
+#
+# 2016 Kamila Součková (coding at kamila.is)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see <http://www.gnu.org/licenses/>.
+#
+
 # TODO it would be cool to print a warning if a generated anchor is unused in pf.conf
 
-DESTDIR=/etc/pf.d
+ANCHORS_DIR=/etc/pf.d
 
-proto="$(cat "$__object/parameter/proto")"
-from="$(cat "$__object/parameter/from")"
-to="$(cat "$__object/parameter/to")"
-state="$(cat "$__object/parameter/state")"
+proto="$(cat "${__object}/parameter/proto")"
+from="$(cat "${__object}/parameter/from")"
+to="$(cat "${__object}/parameter/to")"
+state="$(cat "${__object}/parameter/state")"
 
-from="$(echo $from | sed 's/:/ port /')"
-to="$(echo $to | sed 's/:/ port /')"
+# This breaks utterly with IPv6
+from="$(echo ${from} | sed 's/:/ port /')"
+to="$(echo ${to} | sed 's/:/ port /')"
 
-anchorname="$(echo $__object_id | cut -d/ -f1)"
-rule="rdr pass log proto $proto from any to $from -> $to"
+anchor_name="$(echo ${__object_id} | cut -d/ -f1)"
+rule="rdr pass log proto ${proto} from any to ${from} -> ${to}"
 
-__directory "$DESTDIR" --parents
+__directory "${ANCHORS_DIR}" --parents
 
-require="__directory/$DESTDIR" \
-__line __pf_rdr/$__object_id --state $state --line "$rule" --file $DESTDIR/$anchorname
+require="__directory/${ANCHORS_DIR}" \
+__line __pf_rdr/${__object_id} --state ${state} --line "${rule}" --file ${ANCHORS_DIR}/${anchor_name}