/usr/share/shorewall/macro.DropDNSrep is in shorewall 4.6.4.3-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | #
# Shorewall version 4 - DropDNSrep Macro
#
# /usr/share/shorewall/macro.DropDNSrep
#
# This macro silently drops DNS UDP replies
#
###############################################################################
?FORMAT 2
###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGIN RATE USER/
# PORT(S) PORT(S) DEST LIMIT GROUP
?COMMENT Late DNS Replies
DEFAULT DROP
PARAM - - udp - 53
|