diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway
index b3990b3..94d3d32 100755
--- a/ip6t-firewall-gateway
+++ b/ip6t-firewall-gateway
@@ -512,6 +512,23 @@ esac
 echo
+# -------------
+# - suricata IPS (Inline Mode)
+# -------------
+
+# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu'
+# -
+echononl "\tForward to suricata IPS (inline Mode)"
+if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then
+ $ip6t -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3
+ echo_done
+else
+ echo_skipped
+fi
+
+echo
+
+
 # -------------
 # --- iPerf
 # -------------
diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway
index 4936776..24b80d2 100755
--- a/ipt-firewall-gateway
+++ b/ipt-firewall-gateway
@@ -1061,6 +1061,23 @@ esac
 echo
+# -------------
+# - suricata IPS (Inline Mode)
+# -------------
+
+# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu'
+# -
+echononl "\tForward to suricata IPS (inline Mode)"
+if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then
+ $ipt -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3
+ echo_done
+else
+ echo_skipped
+fi
+
+echo
+
+
 # -------------
 # --- iPerf
 # -------------
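Review bot: The running-check in front of the NFQUEUE rule matches any command line that contains `/usr/bin/suricata` (for example `/usr/bin/suricata-update` or an editor holding that path) and says nothing about whether a listener is actually bound to queues 0-3. Because the rule carries no `--queue-bypass`, forwarded packets are dropped whenever no listener is bound to the selected queue, and in the other direction a suricata that starts after this script ran leaves FORWARD uninspected until the script is run again. I would anchor the test, e.g. `if pgrep -f '^/usr/bin/suricata( |$)' > /dev/null 2>&1 ; then`, and state the intended failure mode next to the rule with a comment such as `# - no --queue-bypass: forwarding stops if suricata is not bound to queues 0-3`. The identical block in the `ipt-firewall-gateway` hunk needs the same change.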
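Review bot: The `! --mark 0x1/0x1` match only does its job if suricata runs its NFQ listener in repeat mode with mark 1 and mask 1, and nothing in the hunk records that dependency. NFQUEUE is a terminating target, so with an accept-mode listener a passed packet leaves FORWARD at this rule and the rules appended further down the script (the iPerf section follows directly) would never see it; that reading is inferred, since the suricata configuration is not part of this commit. A comment above the rule would pin it, e.g. `# - needs nfq mode 'repeat' with repeat-mark 1 / repeat-mask 1 in suricata.yaml`, plus a note that any other rule setting mark bit 0x1 makes traffic skip the IPS. The same applies to the `ip6t-firewall-gateway` hunk; rules placed earlier in FORWARD are outside the hunk, so whether an earlier ACCEPT lets traffic bypass the queue cannot be checked from here.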