diff --git a/bbfdm/files/etc/firewall.service b/bbfdm/files/etc/firewall.service
index 100f54a3d..2d40291cd 100755
--- a/bbfdm/files/etc/firewall.service
+++ b/bbfdm/files/etc/firewall.service
@@ -7,7 +7,7 @@ log() {
 }
 
 exec_cmd() {
-	if ! eval "$*"; then
+	if ! "$@"; then
 		log "Failed to run [$*]"
 		echo "-1"
 		return 0
@@ -73,7 +73,7 @@ add_iptable_rule() {
 		fi
 
 		if [ -z "${src_prefix}" ]; then
-			res=$(exec_cmd "iptables ${cmd} -m comment --comment IPtables_service_rule -j ${action}")
+			res=$(exec_cmd iptables -w ${cmd} -m comment --comment IPtables_service_rule -j "${action}")
 		else
 			#Add ipv4 sources if any
 			src_list=""
@@ -86,7 +86,7 @@ add_iptable_rule() {
 
 			if [ -n "$src_list" ]; then
 				src_list=$(echo "${src_list}" | sed "s/,$//")
-				res=$(exec_cmd "iptables -s $src_list ${cmd} -m comment --comment IPtables_service_rule -j ${action}")
+				res=$(exec_cmd iptables -w -s "$src_list" ${cmd} -m comment --comment IPtables_service_rule -j "${action}")
 			fi
 		fi
 	fi
@@ -97,7 +97,7 @@ add_iptable_rule() {
 		fi
 
 		if [ -z "${src_prefix}" ]; then
-			res=$(exec_cmd "ip6tables ${cmd} -m comment --comment IP6tables_service_rule -j ${action}")
+			res=$(exec_cmd ip6tables -w ${cmd} -m comment --comment IP6tables_service_rule -j "${action}")
 		else
 			#Add ipv6 sources if any
 			src_list=""
@@ -110,7 +110,7 @@ add_iptable_rule() {
 
 			if [ -n "$src_list" ]; then
 				src_list=$(echo "${src_list}" | sed "s/,$//")
-				res=$(exec_cmd "ip6tables -s $src_list ${cmd} -m comment --comment IP6tables_service_rule -j ${action}")
+				res=$(exec_cmd ip6tables -w -s "$src_list" ${cmd} -m comment --comment IP6tables_service_rule -j "${action}")
 			fi
 		fi
 	fi