diff --git a/firewall/interception/nfq/nfq.go b/firewall/interception/nfq/nfq.go
index 1128c467..f9a688ff 100644
--- a/firewall/interception/nfq/nfq.go
+++ b/firewall/interception/nfq/nfq.go
@@ -25,7 +25,6 @@ type Queue struct {
 	nf                   atomic.Value
 	packets              chan pmpacket.Packet
 	cancelSocketCallback context.CancelFunc
-	canceled             *abool.AtomicBool
 	restart              chan struct{}
 
 	pendingVerdicts  uint64
@@ -51,7 +50,6 @@ func New(qid uint16, v6 bool) (*Queue, error) { //nolint:gocognit
 		restart:              make(chan struct{}, 1),
 		packets:              make(chan pmpacket.Packet, 1000),
 		cancelSocketCallback: cancel,
-		canceled:             abool.New(),
 		verdictCompleted:     make(chan struct{}, 1),
 	}
 
@@ -144,11 +142,6 @@ func (q *Queue) handleError(e error) int {
 		}
 	}
 
-	// Check if we have closed the queue already.
-	if q.canceled.IsSet() {
-		return 1
-	}
-
 	// Check if the queue was already closed. Unfortunately, the exposed error
 	// variable is in an internal stdlib package. Therefore, check for the error
 	// string instead. :(
@@ -160,7 +153,8 @@ func (q *Queue) handleError(e error) int {
 
 	// Close the existing socket
 	if nf := q.getNfq(); nf != nil {
-		_ = nf.Close()
+		// Call Close() on the Con directly, as nf.Close() calls waitgroup.Wait(), which then may deadlock.
+		_ = nf.Con.Close()
 	}
 
 	// Trigger a restart of the queue
@@ -229,7 +223,6 @@ func (q *Queue) Destroy() {
 		return
 	}
 
-	q.canceled.Set()
 	q.cancelSocketCallback()
 
 	if nf := q.getNfq(); nf != nil {