diff --git a/ansible/environments/home/host_vars/homeserver b/ansible/environments/home/host_vars/homeserver index e406bab..74d6b8f 100644 --- a/ansible/environments/home/host_vars/homeserver +++ b/ansible/environments/home/host_vars/homeserver @@ -25,6 +25,8 @@ users: gitconfig: "gitconfig_home" sshd_enabled: true sshd_conf: "sshd_config" +prefer_ipv6: true +dummynet_config: "dnctl.conf" pf_config: "homeserver_pf.conf" pflog_conf: - name: 0 diff --git a/ansible/roles/dummynet/files/dnctl_rc.conf b/ansible/roles/dummynet/files/dnctl_rc.conf index 62b4c8f..627bde2 100644 --- a/ansible/roles/dummynet/files/dnctl_rc.conf +++ b/ansible/roles/dummynet/files/dnctl_rc.conf @@ -1 +1,2 @@ dnctl_enable="YES" +dnctl_rules="/etc/dnctl.conf" diff --git a/ansible/roles/emacs/files/plainmacs b/ansible/roles/emacs/files/plainmacs index 9c2bffc..59a232f 100755 --- a/ansible/roles/emacs/files/plainmacs +++ b/ansible/roles/emacs/files/plainmacs @@ -15,7 +15,8 @@ INIT_SCRIPT=$(cat < 1 block log all pass out on $ext_if +# match in on jail_nat from any to any dnpipe 1 +# match in on jail_nat from any to $rfc1918 dnpipe 2 +# match in on restricted_nat from any to any dnpipe 1 + pass in on jail_nat # Allow traffic from my machine to the jails/virtual machines pass out on jail_nat from $jail_nat_v4 diff --git a/ansible/roles/firewall/files/odofreebsd_pf.conf b/ansible/roles/firewall/files/odofreebsd_pf.conf index b52aa1c..628eda5 100644 --- a/ansible/roles/firewall/files/odofreebsd_pf.conf +++ b/ansible/roles/firewall/files/odofreebsd_pf.conf @@ -28,8 +28,8 @@ block log all pass out on $ext_if pass in on jail_nat -match in on jail_nat from any to any dnpipe 1 -match in on jail_nat from any to $rfc1918 dnpipe 2 +# match in on jail_nat from any to any dnpipe 1 +# match in on jail_nat from any to $rfc1918 dnpipe 2 # Allow traffic from my machine to the jails/virtual machines pass out on jail_nat from $jail_nat_v4 
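Review bot: In odofreebsd_pf.conf the two `match in on jail_nat ... dnpipe` rules are commented out rather than deleted, and nothing says why or when they come back. The same commit makes dnctl_rc.conf load `/etc/dnctl.conf`, so if that role is applied to this host the pipes would still be configured while no pf rule sends jail_nat traffic through them. If those pipes were the bandwidth cap on jail and VM traffic, that traffic is now unshaped, which is worth confirming as intended. Either remove the lines or put a reason above them, for example `# dnpipe shaping disabled: <reason>; jail_nat traffic is currently unshaped`. The same commented-out pattern is added in the preceding pf.conf hunk on this line, whose file header is missing from the page.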
diff --git a/ansible/roles/network/files/homeserver_network.conf b/ansible/roles/network/files/homeserver_network.conf
index bc9cca2..9124ea6 100644
--- a/ansible/roles/network/files/homeserver_network.conf
+++ b/ansible/roles/network/files/homeserver_network.conf
@@ -1,3 +1,4 @@
 wlans_ath0="wlan0"
 ifconfig_wlan0="WPA DHCP"
 ifconfig_wlan0_ipv6="inet6 accept_rtadv"
+ipv6_cpe_wanif="wlan0"
diff --git a/ansible/roles/network/tasks/freebsd.yaml b/ansible/roles/network/tasks/freebsd.yaml
index 3ebab83..c817fb5 100644
--- a/ansible/roles/network/tasks/freebsd.yaml
+++ b/ansible/roles/network/tasks/freebsd.yaml
@@ -59,14 +59,15 @@
 - name: Prefer ipv6
 when: prefer_ipv6
- sysctl:
- name: "{{ item.name }}"
- value: "{{ item.value }}"
- state: present
- sysctl_file: "/etc/rc.conf.d/ip6addrctl"
- loop:
- - name: ip6addrctl_policy
- value: "ipv6_prefer"
+ blockinfile:
+ path: "/etc/rc.conf.d/ip6addrctl"
+ marker: "# {mark} ANSIBLE MANAGED BLOCK"
+ create: true
+ mode: 0600
+ owner: root
+ group: wheel
+ block: |
+ ip6addrctl_policy="ipv6_prefer"
 - name: Don't Prefer ipv6
 when: not prefer_ipv6
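Review bot: Nothing in the rewritten "Prefer ipv6" task applies the policy to the running host. `blockinfile` only writes `/etc/rc.conf.d/ip6addrctl`, so the new `ip6addrctl_policy` takes effect at the next boot or service restart, and the task has no `notify:`. Consider adding something like `notify: restart ip6addrctl` (the handler name is a placeholder; no handler is visible in this hunk). Separately, `mode: 0600` relies on the YAML loader reading the bare scalar as octal, whereas `mode: "0600"` is unambiguous. The "Don't Prefer ipv6" task continues outside the hunk, so confirm it manages the same marker block in the same file; otherwise toggling `prefer_ipv6` could leave both settings in place.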