From a05ff89a7d19c64ddec2fba02cf2fa1c5de77b67 Mon Sep 17 00:00:00 2001
From: Brett Mack <brett.mack@opencredo.com>
Date: Tue, 10 Nov 2015 22:49:38 +0000
Subject: [PATCH] Changed documentation to better show what can be done with
 firewall rules

---
 .../vcd/r/firewall_rules.html.markdown        | 30 +++++++++++++++----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/website/source/docs/providers/vcd/r/firewall_rules.html.markdown b/website/source/docs/providers/vcd/r/firewall_rules.html.markdown
index e8fb4401d4..172237322a 100644
--- a/website/source/docs/providers/vcd/r/firewall_rules.html.markdown
+++ b/website/source/docs/providers/vcd/r/firewall_rules.html.markdown
@@ -19,13 +19,13 @@ resource "vcd_firewall_rules" "fw" {
     default_action = "drop"
 
     rule {
-        description      = "allow-web"
-        policy           = "allow"
+        description      = "deny-ftp-out"
+        policy           = "deny"
         protocol         = "tcp"
-        destination_port = "80"
-        destination_ip   = "10.10.0.5"
+        destination_port = "21"
+        destination_ip   = "any"
         source_port      = "any"
-        source_ip        = "any"
+        source_ip        = "10.10.0.0/24"
     }
 
     rule {
@@ -39,6 +39,26 @@ resource "vcd_firewall_rules" "fw" {
     }
 
 }
+
+resource "vcd_vapp" "web" {
+    ...
+}
+
+resource "vcd_firewall_rules" "fw-web" {
+    edge_gateway   = "Edge Gateway Name"
+    default_action = "drop"
+
+    rule {
+        description      = "allow-web"
+        policy           = "allow"
+        protocol         = "tcp"
+        destination_port = "80"
+        destination_ip   = "${vcd_vapp.web.ip}"
+        source_port      = "any"
+        source_ip        = "any"
+    }
+}
+
 ```
 
 ## Argument Reference