Setting up IPS to filter DDoS Attack

Hi everyone. I’ve been working on a project which I use Suricata and IPTables as IPS for the system to prevent DDoS attack (in this case I use hping3 & LOIC to attack the web server).
Suricata successfully dropped the attack, but IPTables make the website unable to access.

Here is the rules that I use:

drop http any any -> $HOME_NET 80 (msg:“HPING3”; ttl:64; flags:S; threshold:type threshold; track by_dst, count 100, seconds 5; classtype:attempted-dos; sid:1; rev:1; metadata:created_at 2020_06_11, updated_at 2020_06_11;)

i used this iptables command:

sudo iptables -I INPUT -p tcp --sport 80 -j NFQUEUE
sudo iptables -I OUTPUT -p tcp --dport 80 -j NFQUEUE

then I ran suricata using this command:

suricata -c /etc/suricata/suricata.yaml -q 0

and here is the result on fast.log

It successfully dropped the attack but when I accessed the web, it can’t be because iptables also blocked it.
Thanks before. -liza

Can you share your config and if you say iptables is blocking it, how did you come to that assumption, do you see the drops in iptables logs?