I got a lot of dns entries with random string name in this past few day.
From the same ip address,its a legitimate client/device.
Dns setting is allow remote request from internal network,with drop dns request from external network in firewall(above accept established/related new connection).

Currently dropping connection from that client : add action=drop chain=input comment="CLIENT REQUEST WEIRD DNS !!!!!" src-mac-address=94:DE:80:57:53:60

Pretty sure its come from adware though,given a lot of ads poping out every now and then on that device.
Whats the risk if i allow this client "putting" such dns entries?

That dns flood from your LAN, so these requests just flooding your RAM on router, what is not cool. You should block dns queries for this host and figure out how to fix him, then release the host.

P.S.: I bet that's a virus.