Merged. Best regards, -Stefan > As DNS over TLS popularity is increasing, port 853 becomes > more interesting for an attacker as a bypass method. Enabling > this port for DNS monitoring makes sense in order to avoid > unusual activity (non-DNS traffic) as well as "normal" DNS > attacks. > > Partially fixes #11808 > > Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org> > Cc: Stefan Schantl <stefan.schantl(a)ipfire.org> > --- > config/suricata/suricata.yaml | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/config/suricata/suricata.yaml > b/config/suricata/suricata.yaml > index d7302788c..67b9e8a7d 100644 > --- a/config/suricata/suricata.yaml > +++ b/config/suricata/suricata.yaml > @@ -208,11 +208,11 @@ app-layer: > tcp: > enabled: yes > detection-ports: > - dp: 53 > + dp: "[53,853]" > udp: > enabled: yes > detection-ports: > - dp: 53 > + dp: "[53,853]" > http: > enabled: yes > # memcap: 64mb
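Review bot: the commit message justifies the change with DNS over TLS, which runs over TCP, but the hunk also adds 853 to the `udp:` `detection-ports` (`- dp: 53` / `+ dp: "[53,853]"` under `udp:`) without saying why; either state the UDP rationale in the message or limit the change to the `tcp:` block. Worth qualifying in the message as well: traffic on 853 is TLS-wrapped, so pointing the DNS app-layer parser at it will mostly help flag non-DNS traffic on that port rather than inspect the DNS queries themselves, which is narrower than "normal DNS attacks" suggests.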