From 63b9335c03de9e75a1c562a37483db194b735e18 Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Wed, 11 Jul 2018 23:45:32 +0200
Subject: [PATCH] try to fix iptables

---
 defaults/main.yml | 20 +++++++-------------
 1 file changed, 7 insertions(+), 13 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 753f0e0..3275fbe 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -19,17 +19,11 @@ unifi_tmp_dir: "{{ unifi_base_dir }}/tmp"
 unifi_iptables_enabled: True
 unifi_open_ports:
   - { flag: "allow_unifi_web", direction: "input", proto: "tcp", port: "8443" }
-  - { flag: "allow_unifi", direction: "input", proto: "tcp", port: "8080" }
-  - { flag: "allow_unifi", direction: "output", proto: "tcp", port: "8080" }
-  - { flag: "allow_unifi", direction: "input", proto: "tcp", port: "8880" }
-  - { flag: "allow_unifi", direction: "output", proto: "tcp", port: "8880" }
-  - { flag: "allow_unifi", direction: "input", proto: "tcp", port: "8843" }
-  - { flag: "allow_unifi", direction: "output", proto: "tcp", port: "8843" }
+  - { flag: "allow_unifi_comm_in", direction: "input", proto: "tcp", port: "8080" }
+  - { flag: "allow_unifi_comm_out", direction: "output", proto: "tcp", port: "8080" }
   - { flag: "allow_unifi_speedtest", direction: "output", proto: "tcp", port: "6789" }
-  - { flag: "allow_unifi_stun", direction: "input", proto: "udp", port: "3478" }
-  - { flag: "allow_unifi_stun", direction: "output", proto: "udp", port: "3478" }
-  - { flag: "allow_unifi_discover", direction: "input", proto: "udp", port: "10001" }
-  - { flag: "allow_unifi_discover", direction: "output", proto: "udp", port: "10001" }
-  - { flag: "allow_unifi_broadcast", direction: "input", proto: "udp", port: "5656:5699" }
-  - { flag: "allow_unifi_broadcast", direction: "output", proto: "udp", port: "5656:5699" }
-  - { flag: "allow_ssh", direction: "output", proto: "tcp", port: "22" }
+  - { flag: "allow_unifi_stun_in", direction: "input", proto: "udp", port: "3478" }
+  - { flag: "allow_unifi_stun_out", direction: "output", proto: "udp", port: "3478" }
+  - { flag: "allow_unifi_discover_in", direction: "input", proto: "udp", port: "10001" }
+  - { flag: "allow_unifi_discover_out", direction: "output", proto: "udp", port: "10001" }
+  - { flag: "allow_ssh_out", direction: "output", proto: "tcp", port: "22" }