There is an option to overrule that, but it is not available for outbound rules. Hence, to allow DHCP client broadcasts, you will have to exclude them from the rule suggested in this answer, assuming this firewall rule is indeed responsible for breaking your DHCP setup. DHCP clients use the remote UDP port 67 for IPv4 and 547 for IPv6.
May 12, 2020 Firewall rule needed for DHCP ? | Netgate Forum I've enabled DHCP relay on the various VLAN interfaces, and specified the IP of our internal DHCP-server. But, in order to get DHCP working I had to add the following rule on the subnet where the DHCP-server lives : UDP 0.0.0.0 68 255.255.255.255 67 * Permit DHCP CentOS 7 : Firewalld : Server World  By default, "public" zone is applied with a NIC and dhcpv6-client and ssh are allowed. When operating with "firewall-cmd" command, if you input the command without "--zone=***" specification, then, configuration is set to the default zone.
May 12, 2020
Sep 22, 2017 Can the firewall prevent the DHCP to give an address, how I am not getting an IP in the subnet 10.0.0.0/24 where the DHCP is working and should serve an IP, I am getting instead only an IP in the subnet 169.254.0.0/16(link local address) that is probably given by Windows which runs on the laptop I am using to test this, which makes me think it might be a problem of the network firewall blocking the DHCP Discovery service.
Configure an IPv4 DHCP Server - WatchGuard
At the same time, the firewall logs now show some DHCP traffic blocked. Specifically, one or two of my DHCP servers (on the WAN) are trying to reach my LAN address. It's port 67/udp on both ends of the attempted connection. Here are the log entries: Enable or Disable Windows Firewall from Command Prompt Nov 06, 2017 Blocking DHCP in Windows Firewall Sep 23, 2013