Try adding rules to the output chains to see if you catch anything. You won’t because the DHCP server process is not in front of #15.
Also, our @anav usually gives firewall examples with “drop all on the input chain” except for ICMP, established/related, DNS and MGMT interface list. Have you ever seen him include any exception for UDP 67/68 at all? Of course not. But in his configs the DHCP leases still work on LAN interfaces.