First, the firewall has defaults and they become the baseline. The common defaults are:
allow nothing inbound
allow all outbound
User defined rules become the "exceptions" usually to allow more control, as in DENY all outbound and then ALLOW specific programs to access the web, eg your browser, email and any host servers. This stops many forms of virus' from "calling home"