diff --git a/files/fuel-ha-utils/ocf/ns_haproxy b/files/fuel-ha-utils/ocf/ns_haproxy
index 10da60155f..7bd755981b 100755
--- a/files/fuel-ha-utils/ocf/ns_haproxy
+++ b/files/fuel-ha-utils/ocf/ns_haproxy
@@ -264,9 +264,9 @@ block_client_access()
 # do not add temporary SYN blocking rule, if it is already exist
 # otherwise, try to add a blocking rule with max of 5 retries
 local tries=5
- until $($RUN_IN_NS iptables -t filter -nvL | grep -q 'temporary SYN block') || [ $tries -eq 0 ]; do
+ until $($RUN_IN_NS iptables -t filter -nvL --wait | grep -q 'temporary SYN block') || [ $tries -eq 0 ]; do
 tries=$((tries-1))
- ocf_run $RUN_IN_NS iptables -t filter -I INPUT -p tcp \
+ ocf_run $RUN_IN_NS iptables --wait -t filter -I INPUT -p tcp \
 -m comment --comment 'temporary SYN block' --syn -j DROP
 sleep 1
 done
@@ -281,8 +281,8 @@ block_client_access()
 unblock_client_access()
 {
 # remove all temporary SYN blocking rules, if there are more than one exist
- for i in $($RUN_IN_NS iptables -t filter -nvL --line-numbers | awk '/temporary SYN block/ {print $1}'); do
- ocf_run $RUN_IN_NS iptables -t filter -D INPUT -p tcp \
+ for i in $($RUN_IN_NS iptables -t filter -nvL --wait --line-numbers | awk '/temporary SYN block/ {print $1}'); do
+ ocf_run $RUN_IN_NS iptables --wait -t filter -D INPUT -p tcp \
 -m comment --comment 'temporary SYN block' --syn -j DROP
 done
 }
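Review bot: `--wait` is passed without a timeout on both the listing in the `until` condition and the `-I INPUT` call, so each attempt can block for as long as another process holds the xtables lock, while the loop's budget of five tries with `sleep 1` assumes an attempt returns promptly. If the lock stays held, the action presumably ends on the cluster manager's operation timeout rather than on the `tries` counter, and the SYN block is not in place during that time. Where the deployed iptables accepts a seconds argument, a bounded form such as `ocf_run $RUN_IN_NS iptables --wait 5 -t filter -I INPUT -p tcp \` keeps the retry logic in control. The same applies to every other `--wait` this commit adds (unblock_client_access here, set_ns_routing in ns_haproxy and ns_vrouter, and both rabbitmq functions); block_client_access starts and ends outside this hunk.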
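Review bot: The listing that drives the `for` loop in unblock_client_access reads the whole filter table (`-nvL` with no chain) while every delete targets INPUT, and `$i` is never used, so the loop only counts comment matches. A rule carrying the same comment in another chain adds iterations whose `-D INPUT` fails, and the existence check in block_client_access's `until` condition can likewise be satisfied by a rule that is not in INPUT, in which case no SYN block is installed there. Scoping both listings to the chain, `$RUN_IN_NS iptables --wait -t filter -nvL INPUT --line-numbers`, plus a comment saying the loop variable is only a counter, would make the intent explicit.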
@@ -372,10 +372,10 @@ set_ns_routing() { fi # set masquerade on host node - iptables -n -t nat -L | grep -q masquerade-for-haproxy-namespace + iptables -n --wait -t nat -L | grep -q masquerade-for-haproxy-namespace if [ $? -gt 0 ]; then ocf_log debug "Creating NAT rule on the host system for traffic from IP: ${OCF_RESKEY_namespace_ip}" - ocf_run iptables -t nat -A POSTROUTING -s "${OCF_RESKEY_namespace_ip}" -j MASQUERADE -m comment --comment "masquerade-for-haproxy-namespace" + ocf_run iptables --wait -t nat -A POSTROUTING -s "${OCF_RESKEY_namespace_ip}" -j MASQUERADE -m comment --comment "masquerade-for-haproxy-namespace" fi ### Needed for ML2 routing ### diff --git a/files/fuel-ha-utils/ocf/ns_vrouter b/files/fuel-ha-utils/ocf/ns_vrouter index f11a3ac910..4ed7e44c9e 100644 --- a/files/fuel-ha-utils/ocf/ns_vrouter +++ b/files/fuel-ha-utils/ocf/ns_vrouter @@ -257,10 +257,10 @@ set_ns_routing() { fi # set masquerade on host node - iptables -n -t nat -L | grep -q masquerade-for-vrouter-namespace + iptables -n --wait -t nat -L | grep -q masquerade-for-vrouter-namespace if [ $? -gt 0 ]; then ocf_log debug "Creating NAT rule on the host system for traffic from IP: ${OCF_RESKEY_namespace_ip}" - ocf_run iptables -t nat -A POSTROUTING -s "${OCF_RESKEY_namespace_ip}" -j MASQUERADE -m comment --comment "masquerade-for-vrouter-namespace" + ocf_run iptables --wait -t nat -A POSTROUTING -s "${OCF_RESKEY_namespace_ip}" -j MASQUERADE -m comment --comment "masquerade-for-vrouter-namespace" fi ### Needed for ML2 routing ### diff --git a/files/fuel-ha-utils/ocf/rabbitmq b/files/fuel-ha-utils/ocf/rabbitmq index 5b5676b55a..80386c81eb 100755 --- a/files/fuel-ha-utils/ocf/rabbitmq +++ b/files/fuel-ha-utils/ocf/rabbitmq 
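Review bot: The existence check in set_ns_routing greps the nat listing for the comment text only, so a rule that carries `masquerade-for-haproxy-namespace` but a different source address (for instance after `OCF_RESKEY_namespace_ip` is changed) satisfies it and no MASQUERADE rule is created for the current address. Checking the exact rule instead of its comment text addresses that: `if ! iptables --wait -t nat -C POSTROUTING -s "${OCF_RESKEY_namespace_ip}" -j MASQUERADE -m comment --comment "masquerade-for-haproxy-namespace"; then`. Separately, `$?` here is grep's status, so a listing that fails is read as "rule absent", and the result of the `ocf_run iptables --wait -t nat -A POSTROUTING` call is not checked within the hunk. The ns_vrouter hunk that follows has the same pattern with its own comment string; both functions start and end outside the hunks shown.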
@@ -691,9 +691,9 @@ block_client_access()
 # do not add temporary RMQ blocking rule, if it is already exist
 # otherwise, try to add a blocking rule with max of 5 retries
 local tries=5
- until $(iptables -nvL | grep -q 'temporary RMQ block') || [ $tries -eq 0 ]; do
+ until $(iptables -nvL --wait | grep -q 'temporary RMQ block') || [ $tries -eq 0 ]; do
 tries=$((tries-1))
- iptables -I INPUT -p tcp -m tcp --dport ${OCF_RESKEY_node_port} -m state --state NEW,RELATED,ESTABLISHED \
+ iptables --wait -I INPUT -p tcp -m tcp --dport ${OCF_RESKEY_node_port} -m state --state NEW,RELATED,ESTABLISHED \
 -m comment --comment 'temporary RMQ block' -j REJECT --reject-with tcp-reset
 sleep 1
 done
@@ -707,8 +707,8 @@ block_client_access()
 unblock_client_access()
 {
 # remove all temporary RMQ blocking rules, if there are more than one exist
- for i in $(iptables -nvL --line-numbers | awk '/temporary RMQ block/ {print $1}'); do
- iptables -D INPUT -p tcp -m tcp --dport ${OCF_RESKEY_node_port} -m state --state NEW,RELATED,ESTABLISHED \
+ for i in $(iptables -nvL --wait --line-numbers | awk '/temporary RMQ block/ {print $1}'); do
+ iptables --wait -D INPUT -p tcp -m tcp --dport ${OCF_RESKEY_node_port} -m state --state NEW,RELATED,ESTABLISHED \
 -m comment --comment 'temporary RMQ block' -j REJECT --reject-with tcp-reset
 done
 }
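Review bot: `${OCF_RESKEY_node_port}` is expanded unquoted in the `--dport` argument of the changed `iptables --wait -I INPUT` line, so an empty or multi-word parameter value changes the argument list iptables receives instead of failing on a bad port. Quoting it, `--dport "${OCF_RESKEY_node_port}"`, keeps the value a single argument; the `-D INPUT` line in unblock_client_access needs the same change so the delete still matches the inserted rule. Whether the parameter is validated as a port number elsewhere in the agent is not visible from this hunk, and block_client_access starts and ends outside it.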
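Review bot: The `iptables --wait -D INPUT` call in unblock_client_access runs without any status check or logging, so a delete that fails leaves the REJECT rule in place and clients keep receiving resets with nothing in the agent's log; only the status of the last iteration reaches the caller. The ns_haproxy agent wraps the equivalent call in `ocf_run`; assuming this agent sources the same OCF shell functions, `ocf_run iptables --wait -D INPUT -p tcp -m tcp --dport ${OCF_RESKEY_node_port} -m state --state NEW,RELATED,ESTABLISHED \` would at least record the failure. `$i` is unused here as well, so the loop only repeats the delete once per listed match.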