diff --git a/scripts/conf/20-suricata.conf b/scripts/conf/20-suricata.conf
new file mode 100644
index 0000000..f8a25ef
--- /dev/null
+++ b/scripts/conf/20-suricata.conf
@@ -0,0 +1,2 @@
+$template SuricataTemplate, "<%PRI%>%syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%"
+user.alert /var/log/suricata.log;SuricataTemplate
diff --git a/scripts/subinstallers/suricata.sh b/scripts/subinstallers/suricata.sh
index 6b60414..e273e0b 100755
--- a/scripts/subinstallers/suricata.sh
+++ b/scripts/subinstallers/suricata.sh
@@ -36,6 +36,11 @@ else
 fi
 # iptables
-#sudo iptables -A INPUT -j NFQUEUE
-#sudo iptables -I FORWARD -j NFQUEUE
-#sudo iptables -I OUTPUT -j NFQUEUE
+sudo iptables -A INPUT -j NFQUEUE
+sudo iptables -I FORWARD -j NFQUEUE
+sudo iptables -I OUTPUT -j NFQUEUE
+
+# rsyslog to create /var/log/suricata.log
+sudo cp ./scripts/conf/20-suricata.conf /etc/rsyslog.d/
+sudo chown root:root /etc/rsyslog.d/20-suricata.conf
+sudo systemctl restart rsyslog
\ No newline at end of file
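Review bot: The selector `user.alert` on the second line routes every message that any local process emits at facility user with priority alert or higher into /var/log/suricata.log, not only Suricata's, so the file can be polluted or padded by an unprivileged process calling `logger -p user.alert`; a program-name match such as `if $programname == 'suricata' then /var/log/suricata.log;SuricataTemplate` (followed by `& stop` if the lines should not also land in the default syslog file) keeps the file to what its name promises. The template also omits the timestamp and hostname properties, so each line carries no time of occurrence, which makes the log hard to correlate during an incident and awkward to ingest into a SIEM; prefixing the template with `%TIMESTAMP:::date-rfc3339% %HOSTNAME% ` fixes that. rsyslog creates new files world-readable by default, so consider `$FileCreateMode 0640` at the top of this file if alert payloads should not be readable by every local account. The facility Suricata actually logs to is set in suricata.yaml, which this change does not show, so the `user` facility here is taken on trust.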
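Review bot: The three NFQUEUE rules enabled after `# iptables` fail closed: without `--queue-bypass`, every packet on INPUT, FORWARD and OUTPUT is dropped whenever nothing is bound to queue 0 (before Suricata starts, during its restart, after a crash), which includes the SSH session running this installer. The rules are also not idempotent, so each re-run of the script appends another copy, and INPUT uses `-A` while FORWARD and OUTPUT use `-I`, so a pre-existing ACCEPT in INPUT would bypass inspection on that chain alone; nothing persists them either, so the rsyslog change survives a reboot but the queueing does not. Separately, `cp` followed by `chown` leaves the repository file's mode on /etc/rsyslog.d/20-suricata.conf, so a group- or world-writable checkout yields a root-owned rsyslog config that a non-root user can edit; `install -o root -g root -m 0644` sets owner and mode in one step. Whether fail-open is acceptable for this sensor is a policy choice the script should make explicitly; the sketch below fails open and guards each rule with `-C`. The `if`/`else` closed by `fi` begins outside the hunk.
```shell
# … unchanged: Suricata install and the if/else above `fi` …
# iptables
# Fail open when Suricata is not consuming the queue; -C keeps re-runs idempotent.
for chain in INPUT FORWARD OUTPUT; do
  sudo iptables -C "$chain" -j NFQUEUE --queue-bypass 2>/dev/null \
    || sudo iptables -I "$chain" -j NFQUEUE --queue-bypass
done

# rsyslog to create /var/log/suricata.log (owner and mode set explicitly, not inherited from the checkout)
sudo install -o root -g root -m 0644 ./scripts/conf/20-suricata.conf /etc/rsyslog.d/20-suricata.conf
sudo systemctl restart rsyslog
```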