diff --git a/defaults/main.yml b/defaults/main.yml index f2151ca..a0a5647 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -18,12 +18,16 @@ unifi_tmp_dir: "{{ unifi_base_dir }}/tmp" unifi_iptables_enabled: True unifi_open_ports: - - { flag: "allow_unifi_web", direction: "input", proto: "tcp", port: "8443" } - - { flag: "allow_unifi_comm", direction: "input", proto: "tcp", port: "8080" } - - { flag: "allow_unifi_comm", direction: "output", proto: "tcp", port: "8080" } - - { flag: "allow_unifi_speedtest", direction: "output", proto: "tcp", port: "6789" } - - { flag: "allow_unifi_stun", direction: "input", proto: "udp", port: "3478" } - - { flag: "allow_unifi_stun", direction: "output", proto: "udp", port: "3478" } - - { flag: "allow_unifi_discover", direction: "input", proto: "udp", port: "10001" } - - { flag: "allow_unifi_discover", direction: "output", proto: "udp", port: "10001" } - - { flag: "allow_ssh", direction: "output", proto: "tcp", port: "22" } + # unifi webinterface + - "-A INPUT -m state --state NEW -p 8443 --dport tcp -j ACCEPT" + # unifi client server communication + - "-A INPUT -m state --state NEW -p 8080 --dport tcp -j ACCEPT" + - "-A OUTPUT -m state --state NEW -p 8080 --dport tcp -j ACCEPT" + # unifi speedtest + - "-A OUTPUT -m state --state NEW -p 6789 --dport tcp -j ACCEPT" + # unifi stun + - "-A INPUT -m state --state NEW -p 3478 --dport udp -j ACCEPT" + - "-A OUTPUT -m state --state NEW -p 3478 --dport udp -j ACCEPT" + # ap discovery + - "-A INPUT -m state --state NEW -p 10001 --dport udp -j ACCEPT" + - "-A OUTPUT -m state --state NEW -p 10001 --dport udp -j ACCEPT" diff --git a/tasks/install.yml b/tasks/install.yml index 81b081b..96b33f2 100644 --- a/tasks/install.yml +++ b/tasks/install.yml 
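Review bot: Every rule added to `unifi_open_ports` has the protocol and the port swapped: `-p 8443 --dport tcp` hands the port number to `-p` and the protocol name to `--dport`. iptables should reject that, so none of these ACCEPT rules would load as written. Each entry should follow the form `- "-A INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT"`, with `udp` for 3478 and 10001. Because the entries are now free-form rule strings, a comment above the list such as `# INPUT rules accept from any source; add -s <mgmt-network> to restrict the 8443 web interface` would document the exposure for operators.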
@@ -33,22 +33,22 @@ become_user: "{{ unifi_user }}" when: unifi_current_version is version_compare(unifi_version, ">") or unifi_current_version is version_compare('0.0.0', "=") -# - block: -# - name: Remove data folder from new version -# file: -# path: "{{ unifi_base_dir }}/{{ unifi_current_version }}//UniFi/data" -# state: absent -# -# - name: Copy data folder from previews version -# copy: -# src: "{{ unifi_base_dir }}/{{ unifi_version }}//UniFi/data" -# dest: "{{ unifi_base_dir }}/{{ unifi_current_version }}//UniFi/data" -# remote_src: True -# become: True -# become_user: "{{ unifi_user }}" -# when: -# - unifi_current_version is version_compare(unifi_version, ">") -# - unifi_restore_after_upgrade +- block: + - name: Remove data folder from new version + file: + path: "{{ unifi_base_dir }}/{{ unifi_current_version }}//UniFi/data" + state: absent + + - name: Copy data folder from previews version + synchronize: + src: "{{ unifi_base_dir }}/{{ unifi_version }}//UniFi/data" + dest: "{{ unifi_base_dir }}/{{ unifi_current_version }}//UniFi/data" + delegate_to: "{{ inventory_hostname }}" + become: True + become_user: "{{ unifi_user }}" + when: + - unifi_current_version is version_compare(unifi_version, ">") + - unifi_restore_after_upgrade - name: Create symlink for latest version file: @@ -64,10 +64,7 @@ iptables_raw: name: "{{ item.flag }}" state: present - rules: "-A {{ item.direction | upper }} -m state --state NEW -p {{ item.proto | lower }} --dport {{ item.port }} -j ACCEPT" - with_items: "{{ unifi_open_ports }}" - loop_control: - label: "{{ item.flag }}" + rules:"{{ unifi_open_ports }}" when: unifi_iptables_enabled - name: Create systemd unit files
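Review bot: In the re-enabled restore block of tasks/install.yml, the `synchronize` task gives `src` without a trailing slash. Under rsync semantics that copies the `data` directory itself into `dest`, so the result is likely `.../UniFi/data/data` rather than a restored `data` folder; `src: "{{ unifi_base_dir }}/{{ unifi_version }}/UniFi/data/"` avoids that. The preceding task deletes the destination before the copy runs, so a failed sync leaves that version without a data directory. This could happen if rsync is missing on the host, or if `become_user` does not combine with `synchronize` as it did with `copy`. Renaming the folder aside and removing it only after the copy succeeds would be safer.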
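Review bot: In the `iptables_raw` task, the new line `rules:"{{ unifi_open_ports }}"` has no space after the colon, so YAML will not read it as a key and the task file should fail to parse. The task still uses `name: "{{ item.flag }}"` although the loop was removed and the new defaults no longer carry a `flag` field, so `item` is undefined. `rules` also now receives a list, whereas the module appears to expect a single rule string. Something like `name: "allow_unifi"` with `rules: "{{ unifi_open_ports | join('\n') }}"` would address all three. The task's `- name:` line sits above this hunk, so the rest of the task is not visible here.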