diff --git a/conf/type/__pf_apply/explorer/rcvar b/conf/type/__pf_apply/explorer/rcvar
new file mode 100755
index 00000000..20e9dfcc
--- /dev/null
+++ b/conf/type/__pf_apply/explorer/rcvar
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Get the location of the pf ruleset on the target host.
+#
+
+# Debug
+#exec >&2
+#set -x
+
+# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf
+
+RC="/etc/rc.conf"
+PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
+echo ${PFCONF:-"/etc/pf.conf"}
+
+# Debug
+#set +x
+
diff --git a/conf/type/__pf_apply/gencode-remote b/conf/type/__pf_apply/gencode-remote
new file mode 100755
index 00000000..f7c889b4
--- /dev/null
+++ b/conf/type/__pf_apply/gencode-remote
@@ -0,0 +1,51 @@
+#!/bin/sh
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Apply pf(4) ruleset on *BSD
+#
+
+# Debug
+#exec >&2
+#set -x
+
+rcvar=$(cat "$__object/explorer/rcvar")
+
+cat <&2
+ fi
+fi
+EOF
+
+# Debug
+#set +x
+
diff --git a/conf/type/__pf_apply/man.text b/conf/type/__pf_apply/man.text
new file mode 100644
index 00000000..55bf5745
--- /dev/null
+++ b/conf/type/__pf_apply/man.text
@@ -0,0 +1,52 @@
+cdist-type__pf_apply(7)
+==================================
+Jake Guffey
+
+
+NAME
+----
+cdist-type__pf_apply - Apply pf(4) ruleset on *BSD
+
+
+DESCRIPTION
+-----------
+This type is used on *BSD systems to manage the pf firewall's active ruleset.
+
+
+REQUIRED PARAMETERS
+-------------------
+NONE
+
+
+OPTIONAL PARAMETERS
+-------------------
+NONE
+
+
+EXAMPLES
+--------
+
+--------------------------------------------------------------------------------
+# Modify the ruleset on $__target_host:
+__pf_ruleset --state present --source /my/pf/ruleset.conf
+require="__pf_ruleset" \
+ __pf_apply
+
+# Remove the ruleset on $__target_host (implies disabling pf(4):
+__pf_ruleset --state absent
+require="__pf_ruleset" \
+ __pf_apply
+--------------------------------------------------------------------------------
+
+
+SEE ALSO
+--------
+- cdist-type(7)
+- cdist-type__pf_ruleset(7)
+- pf(4)
+
+
+COPYING
+-------
+Copyright \(C) 2012 Jake Guffey. Free use of this software is
+granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/conf/type/__pf_apply/singleton b/conf/type/__pf_apply/singleton
new file mode 100644
index 00000000..e69de29b