After the system runs for a couple days (3-ish) it seems to go its own direction and starts dropping state across all services. It will log that it's blocking as well but tcpdump traces show a good 3-way TCP setup and then ipmon starts logging the session as blocked and things come to a stand-still.
It almosty sounds like your state table fills up. Did you use "flags S keep state" in your ruleset?
