now firewall support geoip ,that is cool ,but it is only for firewall , also need for policy route/local-route destination .
like this :
set policy route shunt rule 1 destination geoip country-code cn
set policy local-route rule 1 destination geoip country-code us
seems geoip will convert to lots of cidr address , that may make the config file too big to read/check. could add a feature like include config.d/ in linux ?
thanks!