Destination Traffic to 169.254.x.x
Curious what this is. I've got a network segment that is dedicated to internet of things devices that really have no need to connect to my internal network. The rules allow outbound traffic and reject any traffic to all private addresses (RFC 1918). Quite a few entries and source and destination ports are fairly random.
A 169.254.0.0/16 link local address should never be routed. If you need a private address that can be routed, chose one from RFC 1918.