Why does Debian ship a preconfigured firewall?

Recently I reinstalled Debian Testing (to become Trixie). After that, I couldn’t use a network printer any more, which was resolved in this question.

This made me wonder:

  • Why is there a default firewall at all? What does it try to protect against?
  • Why should it block the mDNS ports? What would be dangerous about these?