The default firewall has one LAN and you usually trust connected devices, so everything is allowed. But it makes sense to make other things more restricted. For example, guests are not necessarily trusted, so they can get just port 53 for DNS and that's enough (DHCP uses raw sockets, so it doesn't need to be allowed in the IP firewall).
I prefer to allow a few needed things and block everything else. It won't make any difference if nothing is listening on other ports. But if something is listening and you miss it, it won't be accidentally open without you knowing about it.
People who quote full posts should be spanked with Ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as an incentive for masochists.
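Added example, not part of the post above: a small first-match model of a router's input chain that compares "block what you know about" with "allow a few needed things and block everything else" for a guest interface. The interface names, the listening services and the forgotten port 8080 are constructed assumptions, and connection state is not modelled.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                          # "accept" or "drop"
    in_interface: Optional[str] = None   # None matches any interface
    protocol: Optional[str] = None       # None matches any protocol
    dst_port: Optional[int] = None       # None matches any port

    def matches(self, iface, proto, port):
        return (self.in_interface in (None, iface)
                and self.protocol in (None, proto)
                and self.dst_port in (None, port))


def verdict(rules, iface, proto, port, default="accept"):
    """Action of the first matching rule, else the chain default."""
    for rule in rules:
        if rule.matches(iface, proto, port):
            return rule.action
    return default


def exposed(rules, iface, listeners, intended):
    """Listening (proto, port) pairs reachable from iface that were not meant to be."""
    return sorted(l for l in listeners
                  if l not in intended and verdict(rules, iface, *l) == "accept")


# Constructed sample: services listening on the router itself.
# tcp/8080 stands for a service someone enabled and forgot about.
LISTENERS = {("udp", 53), ("tcp", 53), ("tcp", 22), ("tcp", 8080)}
INTENDED_FOR_GUESTS = {("udp", 53), ("tcp", 53)}

# Style 1: drop only the services you remembered to think about.
BLOCK_KNOWN = [Rule("drop", "guest", "tcp", 22)]

# Style 2: allow DNS for guests, then drop everything else from guests.
ALLOW_NEEDED = [
    Rule("accept", "guest", "udp", 53),
    Rule("accept", "guest", "tcp", 53),
    Rule("drop", "guest"),
]

if __name__ == "__main__":
    print("block-known exposes:", exposed(BLOCK_KNOWN, "guest", LISTENERS, INTENDED_FOR_GUESTS))
    print("allow-needed exposes:", exposed(ALLOW_NEEDED, "guest", LISTENERS, INTENDED_FOR_GUESTS))
```

Both rule sets behave the same while only the known services are listening; they differ only once the forgotten listener exists, which is the case the allow-list covers.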