you are bumping into the default state limit; two options: - bump maximum state limits: set limit states 20000
- reduce the state expiry time, just for udp 53 is probably enough: pass proto udp to port 53 keep state (udp.first 20, udp.single 10, udp.multiple 20) see pfctl -st and pfctl -sm for defaults.
