Kubernetes network polices are not enforced unless the network-plugin daemon-sets are restarted. Why?

I have only one network policy in my cluster in prod namespace that allows only ingress rules. The network plugin is weave-net. No rules are configured for Egress so I am expecting egress traffic will be blocked. But until I restart the network daemon-set pods the rule has no effect. I know by best practices I should have default ingress and egress rules. But I want to understand the reason of this behavior. Is this step always required to restart the network-plugin pods?

1. Network Policy Definition

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
  name: test-network-policy
  namespace: prod
  - {}
      run: prod-nginx
  - Ingress
  - Egress

2. Checking the netpol object

Name:         test-network-policy
Namespace:    prod
Created on:   2021-06-06 10:16:50 +0000 UTC
Labels:       <none>
Annotations:  <none>
  PodSelector:     run=prod-nginx
  Allowing ingress traffic:
    To Port: <any> (traffic allowed to all ports)
    From: <any> (traffic not restricted by source)
  Allowing egress traffic:
    <none> (Selected pods are isolated for egress connectivity)
  Policy Types: Ingress, Egress

3. Testing egress traffic to nginx server (This is unexpected to my understanding)

Command : kubectl -n prod exec -it prod-nginx -- curl | grep successfully #egress
Response: <p>If you see this page, the nginx web server is successfully installed and

4. Restarted the weave-net pods

5. Retesting egress connection to same nginx server (expected)

Command: kubectl -n prod exec -it prod-nginx -- curl | grep successfully #egress**
Response: No connection