[Gateway] Update new egress policy selectors (#22045)

Author: maxvp

src/content/docs/cloudflare-one/policies/gateway/dns-policies/index.mdx

@@ -347,11 +347,14 @@ Use this selector to filter DNS responses by their `TXT` records.
 
 ### Domain
 
-<Render file="gateway/selectors/domain" />
+<Render
+	file="gateway/selectors/domain"
+	params={{ APIendpoint: "dns.domains" }}
+/>
 
 ### Host
 
-<Render file="gateway/selectors/host" />
+<Render file="gateway/selectors/host" params={{ APIendpoint: "dns.fqdn" }} />
 
 ### Indicator Feeds
 

src/content/docs/cloudflare-one/policies/gateway/egress-policies/index.mdx

@@ -68,7 +68,7 @@ Gateway matches egress traffic against the following selectors, or criteria:
 
 <Render
 	file="gateway/selectors/net-http-content-categories"
-	params={{ APIendpoint: "net.fqdn.category" }}
+	params={{ APIendpoint: "net.fqdn.content_category" }}
 />
 
 <Render file="gateway/selectors/egress-selector-limitation" />
@@ -101,13 +101,19 @@ Gateway matches egress traffic against the following selectors, or criteria:
 
 ### Domain <Badge text="Beta" variant="caution"/>
 
-<Render file="gateway/selectors/domain" />
+<Render
+	file="gateway/selectors/domain"
+	params={{ APIendpoint: "net.fqdn.domains" }}
+/>
 
 <Render file="gateway/selectors/egress-selector-limitation" />
 
 ### Host <Badge text="Beta" variant="caution"/>
 
-<Render file="gateway/selectors/host" />
+<Render
+	file="gateway/selectors/host"
+	params={{ APIendpoint: "net.fqdn.host" }}
+/>
 
 <Render file="gateway/selectors/egress-selector-limitation" />
 
@@ -174,17 +180,13 @@ Gateway uses Rust to evaluate regular expressions. The Rust implementation is sl
 
 The [Application](#application), [Content Categories](#content-categories), [Domain](#domain), and [Host](#host) selectors are only available for traffic onboarded to Gateway with [WARP](/cloudflare-one/connections/connect-devices/warp/), [PAC files](/cloudflare-one/connections/connect-devices/agentless/pac-files/), or [Browser Isolation](/cloudflare-one/policies/browser-isolation/). To use these selectors to filter traffic onboarded with WARP, you need to:
 
-1. In your WARP [device profile](/cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles/), ensure Split Tunnel is set to [**Exclude IPs and domains**](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#change-split-tunnels-mode).
-2. [Remove the route](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#remove-a-route) to the IP address `100.64.0.0/10` from your Split Tunnel list.
-3. [Add routes](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to exclude the following IP addresses:
+1. Ensure you have deployed [WARP beta version 2025.4.589.1](/cloudflare-one/connections/connect-devices/warp/download-warp/beta-releases/) or later on your users' devices.
+2. In your WARP [device profile](/cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles/), ensure Split Tunnel is set to [**Exclude IPs and domains**](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#change-split-tunnels-mode).
+3. [Remove the route](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#remove-a-route) to the IP address `100.64.0.0/10` from your Split Tunnel list.
+4. [Add routes](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to exclude the following IP addresses:
    - `100.64.0.0/12`
    - `100.81.0.0/16`
    - `100.82.0.0/15`
    - `100.84.0.0/14`
    - `100.88.0.0/13`
    - `100.96.0.0/11`
-4. Add and deploy the following key-value pair to your devices' [WARP configuration file](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/) (`mdm.xml` on Windows and Linux or `com.cloudflare.warp.plist` on macOS):
-   ```xml
-   <key>doh_in_tunnel</key>
-   <true/>
-   ```

src/content/docs/cloudflare-one/policies/gateway/resolver-policies.mdx

@@ -105,11 +105,14 @@ For more information on creating a DNS policy, refer to [DNS policies](/cloudfla
 
 ### Domain
 
-<Render file="gateway/selectors/domain" />
+<Render
+	file="gateway/selectors/domain"
+	params={{ APIendpoint: "dns.domains" }}
+/>
 
 ### Host
 
-<Render file="gateway/selectors/host" />
+<Render file="gateway/selectors/host" params={{ APIendpoint: "dns.fqdn" }} />
 
 ### Location
 

src/content/partials/cloudflare-one/gateway/selectors/destination-ip.mdx

@@ -4,6 +4,6 @@
 
 The IP address of the request's target.
 
-| UI name        | API example                  |
-| -------------- | ---------------------------- |
-| Destination IP | `net.dst.ip == "10.0.0.0/8"` |
+| UI name        | API example               |
+| -------------- | ------------------------- |
+| Destination IP | `net.dst.ip == 192.0.2.0` |

src/content/partials/cloudflare-one/gateway/selectors/destination-port.mdx

@@ -4,6 +4,6 @@
 
 The port number of the request's target.
 
-| UI name          | API example              |
-| ---------------- | ------------------------ |
-| Destination Port | `net.dst.port == "2222"` |
+| UI name          | API example            |
+| ---------------- | ---------------------- |
+| Destination Port | `net.dst.port == 2222` |

src/content/partials/cloudflare-one/gateway/selectors/domain.mdx

@@ -1,9 +1,10 @@
 ---
-{}
+params:
+  - APIendpoint
 ---
 
 Use this selector to match against a domain and all subdomains. For example, you can match `example.com` and its subdomains, such as `www.example.com`.
 
-| UI name | API example                            | Evaluation phase      |
-| ------- | -------------------------------------- | --------------------- |
-| Domain  | `any(dns.domains[*] == "example.com")` | Before DNS resolution |
+| UI name | API example                                       | Evaluation phase      |
+| ------- | ------------------------------------------------- | --------------------- |
+| Domain  | <code>any({props.APIendpoint}[*] in \{1\})</code> | Before DNS resolution |

src/content/partials/cloudflare-one/gateway/selectors/host.mdx

@@ -1,9 +1,10 @@
 ---
-{}
+params:
+  - APIendpoint
 ---
 
 Use this selector to match against only the hostname specified. For example, you can match `test.example.com` but not `example.com` or `www.test.example.com`.
 
-| UI name | API example                      | Evaluation phase      |
-| ------- | -------------------------------- | --------------------- |
-| Host    | `dns.fqdn == "test.example.com"` | Before DNS resolution |
+| UI name | API example                                         | Evaluation phase      |
+| ------- | --------------------------------------------------- | --------------------- |
+| Host    | <code>{props.APIendpoint} == \"example.com\"</code> | Before DNS resolution |

src/content/partials/cloudflare-one/gateway/selectors/net-http-content-categories.mdx

@@ -3,10 +3,8 @@ params:
   - APIendpoint
 ---
 
-import { Markdown } from "~/components";
-
-| UI name            | API example                                            |
-| ------------------ | ------------------------------------------------------ |
-| Content Categories | <code>not(any({props.APIendpoint}[*] in \{1\}))</code> |
+| UI name            | API example                                       |
+| ------------------ | ------------------------------------------------- |
+| Content Categories | <code>any({props.APIendpoint}[*] in \{1\})</code> |
 
 For more information, refer to the list of [content categories](/cloudflare-one/policies/gateway/domain-categories/#content-categories).