Adjust Unifi Rules - Open STUN PORT from controller to APs.

ip6t-firewall-gateway

@@ -2860,11 +2860,11 @@ fi
 
 
 # ---
-# - Ubiquiti Unifi Controler (Accesspoints) Gateway
+# - Ubiquiti Unifi Controller (Accesspoints) Gateway
 # ---
 
 
-echononl "\t\tUbiquiti Unifi Controler (Accesspoints) Gateway"
+echononl "\t\tUbiquiti Unifi Controller Gateway"
 if $local_unifi_controller_service ; then
    for _dev in ${local_if_arr[@]} ; do
       $ip6t -A INPUT -p udp -i $_dev -m multiport --dports $unify_broadcast_udp_ports -m conntrack --ctstate NEW -j ACCEPT
@@ -2878,12 +2878,32 @@ else
    echo_skipped
 fi
 
+echononl "\t\tUbiquiti Unifi Controller Gateway - STUN to Unifi APs"
+if $local_unifi_controller_service ; then
+
+   if [[ ${#unifi_ap_local_ip_arr[@]} -gt 0 ]] ; then
+
+      for _ip_ap in ${unifi_ap_local_ip_arr[@]} ; do
+
+         $ip6t -A OUTPUT -p udp -d $_ip_ap -m multiport --sports $unify_udp_ports -m conntrack --ctstate NEW -j ACCEPT
+
+      done
+
+      echo_done
+   else
+      echo_skipped
+      warn "Local Unifi Controller is defined, but no Unifi APs!"
+   fi
+else
+   echo_skipped
+fi
+
 
 # ---
-# - Ubiquiti Unifi Controler (Accesspoints) local Network
+# - Ubiquiti Unifi Controller (Accesspoints) local Network
 # ---
 
-echononl "\t\tUbiquiti Unifi Controler (Accesspoints) local Network"
+echononl "\t\tUbiquiti Unifi Controller (Accesspoints) local Network"
 if [[ ${#unify_controller_local_net_ip_arr[@]} -gt 0 ]] \
    && $kernel_forward_between_interfaces \
    && ! $permit_between_local_networks ; then