Hi,
Pre and post rules become neccesarry when using group rules.
Suppose you have 3 firewalls, each of them has it's own policy but a company wide policy must be applied to all of the as well, you can use a group policy and assign is to all 3 firewalls. All rules created in the group policy as a pre rule will be added to before each device own rules and all rules created in the group policy as a post rule will be added after each device own rules.
When you look at the device on the CLI you will notice the rules are ordered this way.
It may look like this.
from zone X to zone Y
policy A (created as group policy Pre rule)
policy B (created as group policy Pre rule)
policy C (created as device policy)
policy D (created as device policy)
policy E (created as device policy)
policy F (created as group policy Post rule)
Multiple group policies can be made and attached to the same firewalls with a precedence to set the order.
I hope this makes sense
Z.