diff --git a/defaults/main.yml b/defaults/main.yml
index 8f90780..c667e0a 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -17,11 +17,11 @@ unifi_tmp_dir: "{{ unifi_base_dir }}/tmp"
 unifi_iptables_enabled: True
 unifi_open_ports:
- - { flag: "allow_unifi_web", proto: "tcp", port: "8443" }
- - { flag: "allow_unifi", proto: "tcp", port: "8080" }
+ - { flag: "allow_unifi_web", direction: "input", proto: "tcp", port: "8443" }
+ - { flag: "allow_unifi", direction: "input", proto: "tcp", port: "8080" }
+ - { flag: "allow_unifi", direction: "output", proto: "tcp", port: "8080" }
 # - { flag: "allow_unifi", proto: "tcp", port: "8880" }
 # - { flag: "allow_unifi", proto: "tcp", port: "8843" }
- - { flag: "allow_unifi_speedtest", proto: "tcp", port: "6789" }
- - { flag: "allow_unifi", proto: "tcp", port: "8843" }
- - { flag: "allow_unifi_stun", proto: "udp", port: "3478" }
- - { flag: "allow_unifi_discover", proto: "udp", port: "10001" }
+ - { flag: "allow_unifi_speedtest", direction: "output", proto: "tcp", port: "6789" }
+ - { flag: "allow_unifi_stun", direction: "output", proto: "udp", port: "3478" }
+ - { flag: "allow_unifi_discover", direction: "output", proto: "udp", port: "10001" }
diff --git a/tasks/install.yml b/tasks/install.yml
index 419e240..e49c83c 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -47,8 +47,10 @@ iptables_raw:
 name: "{{ item.flag }}"
 state: present
- rules: "-A INPUT -m state --state NEW -p {{ item.proto }} --dport {{ item.port }} -j ACCEPT"
+ rules: "-A {{ item.direction | upper }} -m state --state NEW -p {{ item.proto ยป lower }} --dport {{ item.port }} -j ACCEPT"
 with_items: "{{ unifi_open_ports }}"
+ loop_control:
+ label: "{{ item.flag }}"
 when: unifi_iptables_enabled
 - name: Create systemd unit files
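Review bot: In defaults/main.yml the two new port-8080 entries share `flag: "allow_unifi"`, and tasks/install.yml passes that flag to `iptables_raw` as `name`. That module identifies a rule set by its name, so the second loop item most likely replaces the first and only the OUTPUT rule for 8080 survives. Give each entry its own flag, e.g. `flag: "allow_unifi_in"` and `flag: "allow_unifi_out"`. Separately, the speedtest, STUN and discovery entries are now `direction: "output"` only, so nothing accepts new inbound connections on 6789, 3478 or 10001 any more. If the controller is meant to listen on those ports, which is not visible from this diff, they still need `direction: "input"` entries. A short comment above `unifi_open_ports` stating that `direction` is required and takes `input` or `output` would help anyone overriding the list.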
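Review bot: In tasks/install.yml the new `rules:` line has a non-pipe character between `item.proto` and `lower`. If that is what was committed rather than a rendering artefact, Jinja2 will fail to template the rule and the task will error; it should read `{{ item.proto | lower }}`. `item.direction` is also now mandatory, so an inventory that overrides `unifi_open_ports` in the old three-key form fails on an undefined variable. `{{ item.direction | default('input') | upper }}` keeps the previous behaviour for such entries. Because the value goes straight into a raw iptables rule, an `assert` that each `item.direction` is `input` or `output` before this task would turn a typo into a clear error. The task itself starts above the hunk, so its `name:` and any earlier conditions are not visible here.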