[j-nsp] Leaking OSPF routes into ISIS

[Phil Shafer]

Hugo Slabbert writes:
>I generally create an explicit 'reject-all' policy and stick that at the=20
>end of policy lists, rather than nesting the reject within an existing=20
>policy.  It's a bit clearer.

You can also do this with a config group, since they are added (to lists)
after the foreground config:

Something like:

    groups default-reject policy-options policy-statement <*> then reject;
    protocols apply-groups default-reject;

Thanks,
 Phil