[ZT] Remove single use partials (#24274)

* Remove Gateway partials

* Remove learning path partial

Author: maxvp

src/content/docs/cloudflare-one/insights/logs/gateway-logs/index.mdx

@@ -195,19 +195,19 @@ When an HTTP request results in an error, Gateway logs the first 512 bytes of th
 
 #### Basic information
 
-| Field                        | Description                                                                                                                                                                                                          |
-| ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **Host**                     | Hostname in the HTTP header for the HTTP request. Gateway will log the SNI in this field if it responded to the request with a Do Not Inspect action. If Gateway does not receive the SNI, this field will be empty. |
-| **Email**                    | Email address of the user who made the HTTP request. This is generated by the WARP client.                                                                                                                           |
-| **Action**                   | The Gateway [Action](/cloudflare-one/policies/gateway/dns-policies/#actions) taken based on the first rule that matched (such as Allow or Block).                                                                    |
-| **Request ID**               | Unique ID of the request.                                                                                                                                                                                            |
-| **Time**                     | Date and time of the HTTP request.                                                                                                                                                                                   |
-| **Source internal IP**       | Private IP address assigned by the user's local network.                                                                                                                                                             |
-| **User agent**               | User agent header sent in the request by the originating device.                                                                                                                                                     |
-| **Policy details**           | Policy corresponding to the decision Gateway made based on the traffic criteria of the request.                                                                                                                      |
-| **DLP profiles**             | Name of the matched [DLP profile](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/).                                                                                                                      |
-| **DLP profile entries**      | Name of the matched entry within the DLP profile.                                                                                                                                                                    |
-| **Uploaded/downloaded file** | <Render file="gateway/uploaded-downloaded-file" />                                                                                                                                                                   |
+| Field                        | Description                                                                                                                                                                                                                                                                                                                              |
+| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| **Host**                     | Hostname in the HTTP header for the HTTP request. Gateway will log the SNI in this field if it responded to the request with a Do Not Inspect action. If Gateway does not receive the SNI, this field will be empty.                                                                                                                     |
+| **Email**                    | Email address of the user who made the HTTP request. This is generated by the WARP client.                                                                                                                                                                                                                                               |
+| **Action**                   | The Gateway [Action](/cloudflare-one/policies/gateway/dns-policies/#actions) taken based on the first rule that matched (such as Allow or Block).                                                                                                                                                                                        |
+| **Request ID**               | Unique ID of the request.                                                                                                                                                                                                                                                                                                                |
+| **Time**                     | Date and time of the HTTP request.                                                                                                                                                                                                                                                                                                       |
+| **Source internal IP**       | Private IP address assigned by the user's local network.                                                                                                                                                                                                                                                                                 |
+| **User agent**               | User agent header sent in the request by the originating device.                                                                                                                                                                                                                                                                         |
+| **Policy details**           | Policy corresponding to the decision Gateway made based on the traffic criteria of the request.                                                                                                                                                                                                                                          |
+| **DLP profiles**             | Name of the matched [DLP profile](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/).                                                                                                                                                                                                                                          |
+| **DLP profile entries**      | Name of the matched entry within the DLP profile.                                                                                                                                                                                                                                                                                        |
+| **Uploaded/downloaded file** | Information about the file transferred in the request found by [enhanced file detection](#enhanced-file-detection). Details include: <ul><li>File name</li><li>File type</li><li>File size</li><li>File hash (for Allowed requests only)</li><li>Content type</li><li>Direction (Upload/Download)</li><li>Action (Block/Allow)</li></ul> |
 
 #### Matched policies
 

src/content/docs/cloudflare-one/policies/gateway/dns-policies/index.mdx

@@ -360,7 +360,13 @@ Use this selector to filter DNS responses by their `TXT` records.
 
 ### Indicator Feeds
 
-<Render file="gateway/selectors/indicator-feeds" params={{ one: "dns" }} />
+Use this selector to match against custom indicator feeds.
+
+You can use a [publicly available indicator feed](/security-center/indicator-feeds/#publicly-available-feeds) or a custom indicator feed assigned to your account by a designated third-party vendor. For more information on indicator feeds, refer to [Custom Indicator Feeds](/security-center/indicator-feeds/).
+
+| UI name         | API example          | Evaluation phase      |
+| --------------- | -------------------- | --------------------- |
+| Indicator Feeds | `dns.indicator_feed` | Before DNS resolution |
 
 <Render file="gateway/selectors/category-options" />
 

src/content/docs/cloudflare-one/policies/gateway/domain-categories.mdx

@@ -5,11 +5,13 @@ sidebar:
   order: 10
 ---
 
-import { Render } from "~/components";
-
 Cloudflare Gateway allows you to block known and potential security risks on the public Internet, as well as specific categories of content. Domains are categorized by [Cloudflare Radar](/radar/glossary/#content-categories).
 
-<Render file="gateway/domain-categories" />
+Cloudflare categorizes domains into content categories and security categories, which cover security risks and security threats:
+
+- **Content categories**: An upstream vendor supplies content categories for domains. These categories help us organize domains into broad topic areas. However, the specific criteria and methods used by our vendor may not be disclosed.
+- **Security risks**: Cloudflare determines security risks for domains using internal models. These models analyze various factors, including the age of a domain and its reputation. This allows us to identify potentially risky domains.
+- **Security threats**: To identify malicious domains that pose security threats, Cloudflare employs a mix of internal data sources, machine learning models, commercial feeds, and open-source threat intelligence.
 
 You can block security and content categories by creating DNS or HTTP policies. Once you have configured your policies, you will be able to inspect network activity and the associated categories in your Gateway logs.
 
@@ -71,7 +73,6 @@ Subdomains that have not been assigned a category will inherit the category of t
 | Violence               | Sites hosting and/or promoting violent content.                                                                                                                                   |
 | Weather                | Sites related to weather.                                                                                                                                                         |
 
-
 ### Miscellaneous subcategories
 
 | Category      | Definition                                                                   |

src/content/docs/cloudflare-one/policies/gateway/initial-setup/dns.mdx

@@ -11,7 +11,7 @@ learning_center:
   link: https://www.cloudflare.com/learning/access-management/what-is-dns-filtering/
 ---
 
-import { GlossaryTooltip, Render } from "~/components";
+import { GlossaryTooltip, Render, Tabs, TabItem } from "~/components";
 
 Secure Web Gateway allows you to inspect DNS traffic and control which websites users can visit.
 
@@ -55,7 +55,65 @@ To verify your device is connected to Zero Trust:
 
 ## 3. Create your first DNS policy
 
-<Render file="gateway/get-started/create-dns-policy" />
+To create a new DNS policy:
+
+<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
+
+1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**.
+2. In the **DNS** tab, select **Add a policy**.
+3. Name the policy.
+4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block.
+5. Choose an **Action** to take when traffic matches the logical expression. For example, we recommend adding a policy to block all [security categories](/cloudflare-one/policies/gateway/domain-categories/#security-categories):
+   <Render
+   	file="gateway/policies/block-security-categories"
+   	product="cloudflare-one"
+   />
+6. Select **Create policy**.
+
+</TabItem>
+
+<TabItem label="API">
+
+1. [Create an API token](/fundamentals/api/get-started/create-token/) with the following permissions:
+
+   | Type    | Item       | Permission |
+   | ------- | ---------- | ---------- |
+   | Account | Zero Trust | Edit       |
+
+2. (Optional) Configure your API environment variables to include your [account ID](/fundamentals/account/find-account-and-zone-ids/) and API token.
+3. Send a `POST` request to the [Create a Zero Trust Gateway rule](/api/resources/zero_trust/subresources/gateway/subresources/rules/methods/create/) endpoint. For example, we recommend adding a policy to block all [security categories](/cloudflare-one/policies/gateway/domain-categories/#security-categories):
+
+   ```sh title="curl API DNS policy example"
+   curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/rules \
+   --header "Content-Type: application/json" \
+   --header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+   --data '{
+     "name": "Block security threats",
+     "description": "Block all default Cloudflare DNS security categories",
+     "precedence": 0,
+     "enabled": true,
+     "action": "block",
+     "filters": [
+       "dns"
+     ],
+     "traffic": "any(dns.security_category[*] in {68 178 80 83 176 175 117 131 134 151 153})",
+     "identity": ""
+   }'
+   ```
+
+   ```sh output
+   {
+   	 "success": true,
+   	 "errors": [],
+   	 "messages": []
+   }
+   ```
+
+   The API will respond with a summary of the policy and the result of your request.
+
+</TabItem> </Tabs>
+
+For more information, refer to [DNS policies](/cloudflare-one/policies/gateway/dns-policies/).
 
 ## 4. Add optional policies
 

src/content/docs/cloudflare-one/policies/gateway/network-policies/index.mdx

@@ -286,7 +286,11 @@ Gateway matches network traffic against the following selectors, or criteria.
 
 ### Detected Protocol
 
-<Render file="gateway/selectors/protocol-detection" />
+The inferred network protocol based on Cloudflare's [protocol detection](/cloudflare-one/policies/gateway/network-policies/protocol-detection/).
+
+| UI name           | API example                       |
+| ----------------- | --------------------------------- |
+| Detected Protocol | `net.protocol.detection == "ssh"` |
 
 ### Device Posture
 
@@ -315,11 +319,23 @@ To enable Gateway filtering on TCP and UDP, go to **Settings** > **Network** > *
 
 ### SNI
 
-<Render file="gateway/selectors/sni" />
+The host whose Server Name Indication (SNI) header Gateway will filter traffic against. This will allow for an exact match.
+
+This selector only applies to traffic on port `443`.
+
+| UI name | API example                         |
+| ------- | ----------------------------------- |
+| SNI     | `net.sni.host == "www.example.com"` |
 
 ### SNI Domain
 
-<Render file="gateway/selectors/sni-domain" />
+The domain whose Server Name Indication (SNI) header Gateway will filter traffic against. For example, a rule for `example.com` will match `example.com`, `www.example.com`, and `my.test.example.com`.
+
+This selector only applies to traffic on port `443`.
+
+| UI name    | API example                        |
+| ---------- | ---------------------------------- |
+| SNI Domain | `net.sni.domains == "example.com"` |
 
 ### Source Continent
 

src/content/docs/learning-paths/cybersafe/gateway-onboarding/gateway-create-cipa-policy.mdx

@@ -10,7 +10,12 @@ import { Render } from "~/components";
 ## Create CIPA policy
 
 1. Go to **Gateway** > **Firewall policies**.
-2. Create a policy to block using the CIPA filter: <Render file="gateway/policies/block-cipa" product="cloudflare-one" />
+2. Create a policy to block using the CIPA filter:
+
+   | Selector           | Operator | Value         | Action |
+   | ------------------ | -------- | ------------- | ------ |
+   | Content Categories | in       | _CIPA Filter_ | Block  |
+
 3. In **Logs** > **Gateway** > **DNS**, verify that you see the blocked domain.
 
 Your environment is now protected against all of the subcategories listed in [Configuration](/fundamentals/reference/policies-compliances/cybersafe/#configuration).