diff --git a/neutron/agent/linux/iptables_manager.py b/neutron/agent/linux/iptables_manager.py
index df9fc43407b..43386056511 100644
--- a/neutron/agent/linux/iptables_manager.py
+++ b/neutron/agent/linux/iptables_manager.py
@@ -307,14 +307,8 @@ class IptablesManager(object):
     # Flag to denote iptables supports --random-fully argument
     _random_fully = None
 
-    def __init__(self, _execute=None, state_less=False, use_ipv6=False,
-                 nat=True, namespace=None, binary_name=binary_name,
-                 external_lock=True):
-        if _execute:
-            self.execute = _execute
-        else:
-            self.execute = linux_utils.execute
-
+    def __init__(self, state_less=False, use_ipv6=False, nat=True,
+                 namespace=None, binary_name=binary_name, external_lock=True):
         self.use_ipv6 = use_ipv6
         self.namespace = namespace
         self.iptables_apply_deferred = False
@@ -484,12 +478,13 @@ class IptablesManager(object):
         args = ['iptables-save', '-t', table]
         if self.namespace:
             args = ['ip', 'netns', 'exec', self.namespace] + args
-        return self.execute(args, run_as_root=True).split('\n')
+        return linux_utils.execute(args, run_as_root=True).split('\n')
 
     def _get_version(self):
         # Output example is "iptables v1.6.2"
         args = ['iptables', '--version']
-        version = str(self.execute(args, run_as_root=True).split()[1][1:])
+        version = str(linux_utils.execute(
+            args, run_as_root=True).split()[1][1:])
         LOG.debug("IPTables version installed: %s", version)
         return version
 
@@ -514,8 +509,8 @@ class IptablesManager(object):
             args += ['-w', self.xlock_wait_time, '-W', XLOCK_WAIT_INTERVAL]
         try:
             kwargs = {} if lock else {'log_fail_as_error': False}
-            self.execute(args, process_input='\n'.join(commands),
-                         run_as_root=True, **kwargs)
+            linux_utils.execute(args, process_input='\n'.join(commands),
+                                run_as_root=True, **kwargs)
         except RuntimeError as error:
             return error
 
@@ -577,7 +572,7 @@ class IptablesManager(object):
             if self.namespace:
                 args = ['ip', 'netns', 'exec', self.namespace] + args
             try:
-                save_output = self.execute(args, run_as_root=True)
+                save_output = linux_utils.execute(args, run_as_root=True)
             except RuntimeError:
                 # We could be racing with a cron job deleting namespaces.
                 # It is useless to try to apply iptables rules over and
@@ -785,7 +780,7 @@ class IptablesManager(object):
             # this error in production environments. Only when debug mode is
             # enabled is that we need to log the error. This is used to avoid
             # generating alarms that will be ignored by  operators.
-            current_table = self.execute(
+            current_table = linux_utils.execute(
                 args, run_as_root=True, log_fail_as_error=cfg.CONF.debug)
             current_lines = current_table.split('\n')
 
diff --git a/neutron/tests/unit/agent/linux/test_iptables_manager.py b/neutron/tests/unit/agent/linux/test_iptables_manager.py
index 9479ca241b5..1b80bba0d1c 100644
--- a/neutron/tests/unit/agent/linux/test_iptables_manager.py
+++ b/neutron/tests/unit/agent/linux/test_iptables_manager.py
@@ -195,7 +195,7 @@ class IptablesCommentsTestCase(base.BaseTestCase):
         super(IptablesCommentsTestCase, self).setUp()
         cfg.CONF.set_override('comment_iptables_rules', True, 'AGENT')
         self.iptables = iptables_manager.IptablesManager()
-        self.execute = mock.patch.object(self.iptables, "execute").start()
+        self.execute = mock.patch.object(linux_utils, 'execute').start()
 
     def test_comments_short_enough(self):
         for attr in dir(ic):
diff --git a/neutron/tests/unit/agent/test_securitygroups_rpc.py b/neutron/tests/unit/agent/test_securitygroups_rpc.py
index c5f2df50897..3ff77655069 100644
--- a/neutron/tests/unit/agent/test_securitygroups_rpc.py
+++ b/neutron/tests/unit/agent/test_securitygroups_rpc.py
@@ -32,6 +32,7 @@ import webob.exc
 from neutron.agent import firewall as firewall_base
 from neutron.agent.linux import ip_conntrack
 from neutron.agent.linux import iptables_manager
+from neutron.agent.linux import utils as linux_utils
 from neutron.agent import securitygroups_rpc as sg_rpc
 from neutron.api.rpc.handlers import securitygroups_rpc
 from neutron.db import securitygroups_rpc_base as sg_db_rpc
@@ -2703,7 +2704,7 @@ class TestSecurityGroupAgentWithIptables(base.BaseTestCase):
         # TODO(jlibosva) Get rid of mocking iptables execute and mock out
         # firewall instead
         self.iptables.use_ipv6 = True
-        self.iptables_execute = mock.patch.object(self.iptables,
+        self.iptables_execute = mock.patch.object(linux_utils,
                                                   "execute").start()
         self.iptables_execute_return_values = []
         self.expected_call_count = 0