Thats what Docker does (see LXD and Docker Firewall Redux - How to deal with FORWARD policy set to drop) and it causes no end of confusion and problem reports on these forums. Certainly not keen to add system wide default drop rules for any sort of traffic due to the potential for unexpected blocking of other application’s traffic.