
I want to audit a ScreenOS Juniper firewall. I have been provided with the configuration file, but I am not familiar with the syntax. I am wondering about the 'exit' command.

In the config file, most policies are followed by one or two additional commands and an exit statement:

[...]
set policy id <id1> name "<name1>" from "<zone1>" to "<zone2>"  "<address1>" "<address2>" "<service1>" permit log 
set policy id <id1>
exit
set policy id <id2> name "<name2>" from "<zone1>" to "<zone2>"  "<address1>" "<address2>" "<service2>" permit log 
set policy id <id2>
set service "<service3>"
set service "<service4>"
set service "<service5>"
set service "<service6>"
exit
[...]

How should I interpret this? If the exit statement groups policies together, then there is only redundant information. The policy id is already set in the line above. The services 3, 4, 5 and 6, set in the lower lines, are already incorporated in service 2.

The exit statement appears not only after set policy statements.

1 Answer


A Juniper ScreenOS configuration file is just a long list of CLI commands. If we add the prompt at the beginning of each line, the purpose of exit becomes much clearer:

[...]
device-> set policy id <id1> name "<name1>" from "<zone1>" to "<zone2>"  "<address1>" "<address2>" "<service1>" permit log 
device-> set policy id <id1>
device(policy:<id1>)-> exit
device-> set policy id <id2> name "<name2>" from "<zone1>" to "<zone2>"  "<address1>" "<address2>" "<service2>" permit log 
device-> set policy id <id2>
device(policy:<id2>)-> set service "<service3>"
device(policy:<id2>)-> set service "<service4>"
device(policy:<id2>)-> set service "<service5>"
device(policy:<id2>)-> set service "<service6>"
device(policy:<id2>)-> exit
[...]
device-> save
Esa Jokinen
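The structure the answer points out, with the bare `set policy id N` line opening that policy's sub-context and every following line belonging to it until `exit`, is exactly what an audit script has to track when it reads the file. The parser below is an added example, not code from the question, the answer, or Juniper: it assumes the line layout shown above, runs on a constructed sample config embedded in the block, treats each `set service` issued inside the context as an additional service on that policy, keeps any other in-context `set` command under `extra` without interpreting it, and flags unbalanced `exit` lines. The permissive-rule check at the end assumes the wildcard address and service objects are spelled `Any` / `ANY`, which is an assumption of this example rather than something the page states.

```python
import re

# Constructed sample config in the layout shown in the question; not taken from a real device.
SAMPLE_CONFIG = """\
set policy id 10 name "web-out" from "Trust" to "Untrust"  "Any" "Any" "HTTP" permit log
set policy id 10
exit
set policy id 11 name "mail-out" from "Trust" to "Untrust"  "Mail-Servers" "Any" "SMTP" permit log
set policy id 11
set service "POP3"
set service "IMAP"
set service "HTTPS"
exit
set policy id 12 name "temp-allow" from "Untrust" to "Trust"  "Any" "Any" "ANY" permit
set policy id 13 name "deny-all" from "Untrust" to "Trust"  "Any" "Any" "ANY" deny
save
"""

# One-line policy definition: id, name, zones, src, dst, first service, then action and options.
POLICY_RE = re.compile(
    r'^set policy id (?P<id>\d+) name "(?P<name>[^"]*)" '
    r'from "(?P<from>[^"]*)" to "(?P<to>[^"]*)"\s+'
    r'"(?P<src>[^"]*)" "(?P<dst>[^"]*)" "(?P<svc>[^"]*)"\s*(?P<rest>.*)$'
)
# Bare "set policy id N": enters the policy's sub-context (the "device(policy:N)->" prompt).
CONTEXT_RE = re.compile(r'^set policy id (?P<id>\d+)\s*$')
# Generic "set <key> ["<value>"]" line issued inside the context.
SET_RE = re.compile(r'^set (?P<key>[\w-]+)(?:\s+"?(?P<value>[^"]*?)"?)?\s*$')


def parse_policies(text):
    """Return {policy_id: {...}} with services from the inline definition and the sub-context merged."""
    policies = {}
    context = None  # id of the policy whose sub-context we are in, or None at the top level
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = POLICY_RE.match(line)
        if m:
            tokens = m.group("rest").split()
            policies[int(m.group("id"))] = {
                "name": m.group("name"),
                "from": m.group("from"),
                "to": m.group("to"),
                "src": m.group("src"),
                "dst": m.group("dst"),
                "services": [m.group("svc")],
                "action": tokens[0] if tokens else None,
                "options": tokens[1:],
                "extra": {},
            }
            continue
        m = CONTEXT_RE.match(line)
        if m:
            pid = int(m.group("id"))
            if pid not in policies:
                raise ValueError(f"context opened for unknown policy id {pid}")
            context = pid
            continue
        if line == "exit":
            if context is None:
                raise ValueError("exit outside of a policy context")
            context = None
            continue
        if context is not None:
            m = SET_RE.match(line)
            if not m:
                raise ValueError(f"unrecognised line inside policy {context}: {line}")
            key, value = m.group("key"), m.group("value")
            if key == "service":
                policies[context]["services"].append(value)
            else:
                policies[context]["extra"].setdefault(key, []).append(value)
        # Top-level lines that are not policies (e.g. "save") are ignored by this parser.
    if context is not None:
        raise ValueError(f"policy {context} context was never closed with exit")
    return policies


def overly_permissive(policies, wildcards=("any",)):
    """Ids of permit policies whose src, dst and service are all the wildcard object (assumed: Any/ANY)."""
    def is_wild(name):
        return name.lower() in wildcards
    return [
        pid for pid, p in sorted(policies.items())
        if p["action"] == "permit"
        and is_wild(p["src"]) and is_wild(p["dst"])
        and any(is_wild(s) for s in p["services"])
    ]


if __name__ == "__main__":
    parsed = parse_policies(SAMPLE_CONFIG)
    for pid, p in sorted(parsed.items()):
        print(pid, p["name"], p["action"], p["services"])
    print("any/any/ANY permit policies:", overly_permissive(parsed))
```

Reading the file this way answers the original question in practice: policy 11 ends up with four services (the inline one plus the three added in its context), and the `exit` lines only matter as the boundary that tells the parser when the next `set` belongs to the top level again.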