You are under DNS amplification attack. Drop ANY type queries on 'DNS > Server Protection > Request Type Control >
Blocked Request Type
' by adding 255.
And 'listen_ip' is just an IP of your server. So, use the private IP of your server.
But I think your network configuration has some problem if you see the traffic from outside your network.