diff --git a/ipv4-rules.sh b/ipv4-rules.sh
index cb5b83c..276fa18 100755
--- a/ipv4-rules.sh
+++ b/ipv4-rules.sh
@@ -229,13 +229,7 @@ export PATH=/usr/sbin:/usr/bin:/sbin/:/bin
 
 umask 066
 
-if type iptables-legacy 1>/dev/null; then
-  ipt="iptables-legacy"
-elif type iptables 1>/dev/null; then
-  ipt="iptables"
-else
-  echo "can't find iptables executable" >&1
-fi
+ipt="iptables-legacy"
 trustlist="tor-trust"      # Tor authorities and snowflake servers
 jobs=$((1 + $(nproc) / 2)) # parallel jobs of adding ips to an ipset
 prefix=32                  # any ipv4 address of this CIDR block is considered to belong to the same source/owner
diff --git a/ipv6-rules.sh b/ipv6-rules.sh
index 1614c88..56f86ee 100755
--- a/ipv6-rules.sh
+++ b/ipv6-rules.sh
@@ -214,13 +214,7 @@ export PATH=/usr/sbin:/usr/bin:/sbin/:/bin
 
 umask 066
 
-if type ip6tables-legacy 1>/dev/null; then
-  ipt="ip6tables-legacy"
-elif type ip6tables 1>/dev/null; then
-  ipt="ip6tables"
-else
-  echo "can't find ip6tables executable" >&1
-fi
+ipt="ip6tables-legacy"
 trustlist="tor-trust6"     # Tor authorities and snowflake servers
 jobs=$((1 + $(nproc) / 2)) # parallel jobs of adding ips to an ipset
 prefix=80                  # any ipv6 address of this CIDR block is considered to belong to the same source/owner
diff --git a/metrics.sh b/metrics.sh
index 132902a..aaf9f15 100755
--- a/metrics.sh
+++ b/metrics.sh
@@ -23,8 +23,8 @@ function printMetricsIptables() {
   local tables4
   local tables6
 
-  tables4=$(iptables -nvx -L INPUT -t filter) || return 1
-  tables6=$(ip6tables -nvx -L INPUT -t filter) || return 1
+  tables4=$(iptables-legacy -nvx -L INPUT -t filter) || return 1
+  tables6=$(ip6tables-legacy -nvx -L INPUT -t filter) || return 1
 
   var="torutils_dropped_state_packets"
   echo -e "# HELP $var Total number of dropped packets due to wrong TCP state\n# TYPE $var gauge"