Suricata: detect DNS events on port 853, too

As DNS over TLS popularity is increasing, port 853 becomes
more interesting for an attacker as a bypass method. Enabling
this port for DNS monitoring makes sense in order to avoid
unusual activity (non-DNS traffic) as well as "normal" DNS
attacks.

Partially fixes #11808

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Peter Müller
2019-02-07 17:47:00 +00:00
committed by Stefan Schantl
parent 8723bb91ae
commit ad99f959e2


@@ -208,11 +208,11 @@ app-layer:
tcp:
enabled: yes
detection-ports:
dp: 53
dp: "[53,853]"
udp:
enabled: yes
detection-ports:
dp: 53
dp: "[53,853]"
http:
enabled: yes
# memcap: 64mb
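Review bot: the UDP change `dp: "[53,853]"` is not justified by the commit message, which only talks about DNS over TLS; DoT (RFC 7858) runs over TCP, so the UDP entry would cover DNS over DTLS (RFC 8094), a different and far rarer protocol, and should either be left at `dp: 53` or explained in the message. Note also that `detection-ports` only tells the DNS app-layer parser which ports to try; on 853 the payload is TLS-encrypted, so the parser cannot see queries or responses and the gain is limited to protocol-mismatch detection (non-TLS, non-DNS traffic on 853), which the commit message should state more precisely than "normal DNS attacks".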