Create the queue as described in the post Snort 3 + NFQ with IPS mode - #18 by efahl the original commands have several problems including that the queue is always deleted when the firewall updates itself and the configuration is more powerful because the traffic is distributed to multiple queues so the limitation of a single queue is bypassed.