
I agree that NATv6 is a bad idea, but imo we need firewalls on the router. Because on paper an endpoint firewall is a good idea, because you take that with you even when you change the network, but...

then there is the Windows firewall:

- Applications that punch their own holes, like Steam

- Windows which grants itself inbound exceptions and re-enables them if you disable them

- A non-standard filtering order (deny is always before allow, not in order)

And then there are all those born in the 80s people that were told on LAN parties to "just disable the Windows firewall" and kept doing so.



> And then there are all those born in the 80s people that were told on LAN parties to "just disable the Windows firewall" and kept doing so.

You caught me. I think a firewall on the router is absolutely essential regardless of NAT scenarios.

With the understanding that you have an entire generation of computer users who equate that internet box with some degree of safety, you will find less friction with some tweak to that experience. You can still call it "port forwarding", block all inbound by default, and keep most of the same UX.

I personally like to operate my home network like a DMZ. Being able to reach any computer from any other without screwing around with networking is very convenient to me. I operate with an all-or-nothing trust model on my LAN. Having some centralized firewall helps a lot with this.


I would like to know why anyone would disagree with the parent comment.


Firewalls are only necessary for OSes that open ports without good reasons and without good controls. In other words, your reaction is justified if you think Windows is normal and an example of how things should be.

The rest of the world, though, knows that you don't just randomly open ports without good reason and without ways to turn off services.


> The rest of the world, though, knows that you don't just randomly open ports without good reason and without ways to turn off services.

Perhaps you should inform the IoT community.



