diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 67b9e8a7d..4fbd32b85 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -117,8 +117,8 @@ logging:
 
 nfq:
    mode: repeat
-   repeat-mark: 2
-   repeat-mask: 2
+   repeat-mark: 16
+   repeat-mask: 16
 #   bypass-mark: 1
 #   bypass-mask: 1
 #  route-queue: 2
diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata
index 458aed44d..d2c758660 100644
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -29,8 +29,8 @@ NFQ_OPTS="--queue-bypass "
 network_zones=( red green blue orange )
 
 # Mark and Mask options.
-MARK="0x2"
-MASK="0x2"
+MARK="0x16"
+MASK="0x16"
 
 # PID file of suricata.
 PID_FILE="/var/run/suricata.pid"