State table size full
I see that my state table size became full and then the firewall became irresponsible.
Is there a way to understand why packet remain so long in the table? Dos or Ddos is the only possible cause?
Without looking at the states and knowing about the connections, no.
It could be a DoS, or just 1-2 people running bittorrent, or just a busy day. Most of the time it's easiest to increase the size of the state table and/or switch the firewall optimization setting to aggressive if you have a lot of connection churn.