configpolicy/group_vars/dch-gw/dch-network.yml

nat_port_forwards:
- protocol: tcp
  port: http
  destination: 172.30.0.6
- protocol: tcp
  port: https
  destination: 172.30.0.6
- protocol: tcp
  port: ssh
  destination: 172.30.0.5
- protocol: tcp
  port: rsync
  destination: 172.31.0.5
- protocol: udp
  port: 16881-16999
  destination: 172.31.0.5
- protocol: tcp
  port: 22000
  destination: 172.30.0.5


allow_incoming:
- protocol: udp
  port: domain
- protocol: tcp
  port: domain
- protocol: udp
  port: bootps
- protocol: tcp
  port: ssh
- protocol: tcp
  port: 9876
- protocol: tcp
  port: 10050


allow_outgoing:
- protocol: udp
  port: ntp
- protocol: udp
  port: dhcpv6-server
- protocol: udp
  port: bootps
- protocol: udp
  port: bootpc
- protocol: tcp
  port: https
- protocol: tcp
  port: http
- protocol: udp
  port: domain
- protocol: tcp
  port: domain
- protocol: udp
  port: ntp
- protocol: tcp
  port: 10051

trace_dropped: true