I have a Idea that I would like to see implemented in XOS.
The abliity in a ACL call another ACL so that we can work with nested ACLs.
The reason for this the possibility to work with common ACLs that benifits the community in large, for instance
BGP ACL that filters out bogus prefix, denies private AS etc
That ACL could be shared thru github and then used in a nested acl to apply other policies that is custom to the specific use case.
There is toons of more use cases that could benifit from this.