Make DropDNSrep an inline action

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Actions/action.DropDNSrep

@@ -0,0 +1,10 @@
+#
+# Shorewall -- /usr/share/shorewall/action.DropDNSrep
+#
+# This macro silently drops DNS UDP replies that are in the New state
+#
+###############################################################################
+#ACTION	SOURCE	DEST	PROTO	DPORT	SPORT	ORIGDEST	RATE	USER
+
+DEFAULTS DROP
+@1	-	-	udp	-	53 { comment="Late DNS Replies" }

Shorewall/Macros/macro.DropDNSrep

@@ -1,12 +0,0 @@
-#
-# Shorewall -- /usr/share/shorewall/macro.DropDNSrep
-#
-# This macro silently drops DNS UDP replies
-#
-###############################################################################
-#ACTION	SOURCE	DEST	PROTO	DPORT	SPORT	ORIGDEST	RATE	USER
-
-?COMMENT Late DNS Replies
-
-DEFAULT DROP
-PARAM	-	-	udp	-	53

Shorewall/actions.std

@@ -31,6 +31,7 @@ Broadcast    noinline,audit	# Handles Broadcast/Multicast/Anycast
 DNSAmp				# Matches one-question recursive DNS queries
 Drop				# Default Action for DROP policy
 dropInvalid  inline		# Drops packets in the INVALID conntrack state
+DropDNSrep   inline		# Drops DNS replies
 DropSmurfs   noinline		# Drop smurf packets
 Established  inline,\		# Handles packets in the ESTABLISHED state
 	     state=ESTABLISHED	#