See this post https://community.ipfire.org/t/no-dns-and-webgui-after-recommended-new-firewall-settings/7394/27
For info on rulesets found to have a problem.
I have run cu164 with emerging threats community without seeing an issue. I also added the ruleset from Abuse.ch, also without seeing issues.