Feature Request
Resolution: Unresolved
Priority: Normal
Product / Portfolio Work
1. Proposed title of this feature request

Allow rules cannot be configured using dnsName in EgressFirewall

2. What is the nature and description of the request?

When a `cidrSelector: 0.0.0.0/0` deny rule is configured in an EgressFirewall, it overrides all allow rules configured using `dnsName`.

3. Why does the customer need this? (List the business requirements here)

If the customer is using a dynamic IP behind a domain, they continuously need to update the IP in the manifest, which is not possible.

4. List any affected packages or components.

EgressFirewall

Reproduced output:

Created the EgressFirewall manifest with both a `dnsName` rule and a `cidrSelector` rule, plus a `cidrSelector: 0.0.0.0/0` deny rule:
~~~
apiVersion: k8s.ovn.org/v1
kind: EgressFirewall
metadata:
  name: default
spec:
  egress:
  - type: Allow
    to:
      cidrSelector: 10.x.x.x/32   # random pod IP in the cluster
    ports:
    - protocol: TCP
      port: 8080
  - type: Allow
    to:
      dnsName: kubernetes.default.svc
    ports:
    - protocol: TCP
      port: 443
  - to:
      cidrSelector: 0.0.0.0/0
    type: Deny
~~~

It allows traffic to `10.x.x.x` but not to `kubernetes.default.svc`.

After running `oc rsh <pod name>` in the namespace where the EgressFirewall is applied:
- Trying `kubernetes.default.svc`:
~~~
$ curl -kI https://kubernetes.default.svc
curl: (28) Failed to connect to kubernetes.default.svc port 443: Connection timed out
~~~
- Trying `10.x.x.x`:
~~~
$ curl 10.x.x.x:8080
<html>
<body>
<h1>Hello, world from nginx!</h1>
</body>
</html>
~~~
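A manifest check for the pattern reported above, added here as an example and not part of the report or of OVN-Kubernetes: it flags every `dnsName` allow rule that sits beside a catch-all `cidrSelector` deny rule, since the report shows such allows take no effect. The manifest is embedded as the dict that `yaml.safe_load` would produce (with a constructed `10.0.0.1/32` in place of the report's `10.x.x.x/32`), and treating `::/0` like `0.0.0.0/0` is an assumption the report does not cover.

```python
import ipaddress

# Constructed copy of the manifest from the report, in the form yaml.safe_load
# would return it, so the check runs without PyYAML installed.
MANIFEST = {
    "apiVersion": "k8s.ovn.org/v1",
    "kind": "EgressFirewall",
    "metadata": {"name": "default"},
    "spec": {
        "egress": [
            {"type": "Allow", "to": {"cidrSelector": "10.0.0.1/32"},
             "ports": [{"protocol": "TCP", "port": 8080}]},
            {"type": "Allow", "to": {"dnsName": "kubernetes.default.svc"},
             "ports": [{"protocol": "TCP", "port": 443}]},
            {"type": "Deny", "to": {"cidrSelector": "0.0.0.0/0"}},
        ]
    },
}


def is_catch_all(cidr):
    """True for a selector that matches every address: 0.0.0.0/0 as in the
    report; ::/0 is assumed to behave the same (not covered by the report)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False


def shadowed_dns_allows(manifest):
    """Return the dnsName values of Allow rules that a catch-all Deny rule in
    the same EgressFirewall overrides, per the behaviour reported above.
    Rule order is ignored on purpose: the report's allows precede the deny
    and are still blocked."""
    rules = manifest.get("spec", {}).get("egress", [])
    has_catch_all_deny = any(
        r.get("type") == "Deny"
        and is_catch_all(r.get("to", {}).get("cidrSelector", ""))
        for r in rules
    )
    if not has_catch_all_deny:
        return []
    return [
        r["to"]["dnsName"]
        for r in rules
        if r.get("type") == "Allow" and "dnsName" in r.get("to", {})
    ]


if __name__ == "__main__":
    for name in shadowed_dns_allows(MANIFEST):
        print(f"dnsName allow for {name} is ineffective: catch-all Deny present")
```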