diff --git a/src/acl.c b/src/acl.c
index e303f253..e686693b 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -94,20 +94,18 @@ static char *firewalld6_add_rule    = "firewall-cmd --direct --passthrough ipv6
 static char *firewalld6_remove_rule = "firewall-cmd --direct --passthrough ipv6 -D %s -d %s -j DROP";
 
 static int
-run_cmd(const char *cmd)
+run_cmd(const char *cmdstring)
 {
     pid_t pid;
     int status = 0;
-    char cmdstring[256];
 
-    if (cmd == NULL)
+    if (cmdstring == NULL)
         return -1;
 
-    sprintf(cmdstring, "%s &> /dev/null", cmd);
-
     if ((pid = fork()) < 0) {
         status = -1;
     } else if (pid == 0) {
+        fclose(stdout);
         execl("/bin/sh", "sh", "-c", cmdstring, (char *)0);
         _exit(127);
     }
@@ -115,6 +113,14 @@ run_cmd(const char *cmd)
     return status;
 }
 
+static int
+quiet_system(const char *cmd)
+{
+    FILE *fp;
+    fp = popen(cmd, "r");
+    return pclose(fp);
+}
+
 static int
 init_firewall()
 {
@@ -140,14 +146,14 @@ init_firewall()
 
     if (mode == FIREWALLD_MODE) {
         sprintf(cli, firewalld6_init_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
         sprintf(cli, firewalld_init_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
     } else if (mode == IPTABLES_MODE) {
         sprintf(cli, ip6tables_init_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
         sprintf(cli, iptables_init_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
     }
 
     return ret;
@@ -164,14 +170,14 @@ reset_firewall()
 
     if (mode == IPTABLES_MODE) {
         sprintf(cli, ip6tables_remove_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
         sprintf(cli, iptables_remove_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
     } else if (mode == FIREWALLD_MODE) {
         sprintf(cli, firewalld6_remove_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
         sprintf(cli, firewalld_remove_chain, chain_name, chain_name, chain_name);
-        ret |= system(cli);
+        ret |= quiet_system(cli);
     }
 
     return ret;