LGTM. Only thing I'd be careful of is the length of the policy name. Note that the networkid is long, so you could end up with a policy name egress-trust-untrust-1234567890123. Perhaps e-t-u-<network-id>

On 3/28/13 8:38 AM, "Jayapal Reddy Uradi" <jayapalreddy.ur...@citrix.com> wrote:

>I would like to propose the egress firewall rules feature for the
>external firewall device SRX guest network.
>
>Currently egress firewall rules are supported in the VR isolated network.
>With this feature egress firewall rules
>are supported in the external device SRX guest networks.
>
>Jira Id:
>https://issues.apache.org/jira/browse/CLOUDSTACK-779
>
>FS:
>https://cwiki.apache.org/confluence/display/CLOUDSTACK/Egress+firewall+rules+feature+support+for+external+device+Juniper+SRX
>Please let me know your comments on the above FS.
>
>Thanks,
>Jayapal