diff --git a/pkg/iptables/iptables.go b/pkg/iptables/iptables.go
index 6809daef63..b44c452233 100644
--- a/pkg/iptables/iptables.go
+++ b/pkg/iptables/iptables.go
@@ -20,6 +20,7 @@ const (
 var (
 	ErrIptablesNotFound = errors.New("Iptables not found")
 	nat                 = []string{"-t", "nat"}
+	supportsXlock       = false
 )
 
 type Chain struct {
@@ -27,6 +28,10 @@ type Chain struct {
 	Bridge string
 }
 
+func init() {
+	supportsXlock = exec.Command("iptables", "--wait", "-L", "-n").Run() == nil
+}
+
 func NewChain(name, bridge string) (*Chain, error) {
 	if output, err := Raw("-t", "nat", "-N", name); err != nil {
 		return nil, err
@@ -147,12 +152,19 @@ func Raw(args ...string) ([]byte, error) {
 	if err != nil {
 		return nil, ErrIptablesNotFound
 	}
+
+	if supportsXlock {
+		args = append([]string{"--wait"}, args...)
+	}
+
 	if os.Getenv("DEBUG") != "" {
 		fmt.Printf("[DEBUG] [iptables]: %s, %v\n", path, args)
 	}
-	output, err := exec.Command(path, append([]string{"--wait"}, args...)...).CombinedOutput()
+
+	output, err := exec.Command(path, args...).CombinedOutput()
 	if err != nil {
 		return nil, fmt.Errorf("iptables failed: iptables %v: %s (%s)", strings.Join(args, " "), output, err)
 	}
+
 	return output, err
 }