diff --git a/libnetwork/drivers/bridge/setup_ip_tables_linux.go b/libnetwork/drivers/bridge/setup_ip_tables_linux.go
index b47869cce6..41e97b34c7 100644
--- a/libnetwork/drivers/bridge/setup_ip_tables_linux.go
+++ b/libnetwork/drivers/bridge/setup_ip_tables_linux.go
@@ -202,6 +202,11 @@ type iptRule struct {
 args []string
 }
 
+// Exists returns true if the rule exists in the kernel.
+func (r iptRule) Exists() bool {
+ return iptables.GetIptable(r.ipv).Exists(r.table, r.chain, r.args...)
+}
+
 func setupIPTablesInternal(ipVer iptables.IPVersion, config *networkConfiguration, addr *net.IPNet, hairpin, enable bool) error {
 var (
 address = addr.String()
@@ -258,7 +263,7 @@ func programChainRule(rule iptRule, ruleDescr string, insert bool) error {
 var (
 operation string
 condition bool
- doesExist = iptable.Exists(rule.table, rule.chain, rule.args...)
+ doesExist = rule.Exists()
 )
 
 args := []string{"-t", string(rule.table)}
diff --git a/libnetwork/drivers/bridge/setup_ip_tables_linux_test.go b/libnetwork/drivers/bridge/setup_ip_tables_linux_test.go
index 194bd4dc81..becce83977 100644
--- a/libnetwork/drivers/bridge/setup_ip_tables_linux_test.go
+++ b/libnetwork/drivers/bridge/setup_ip_tables_linux_test.go
@@ -107,8 +107,7 @@ func assertIPTableChainProgramming(rule iptRule, descr string, t *testing.T) {
 t.Fatalf("Failed to program iptable rule %s: %s", descr, err.Error())
 }
 
- iptable := iptables.GetIptable(rule.ipv)
- if iptable.Exists(rule.table, rule.chain, rule.args...) == false {
+ if !rule.Exists() {
 t.Fatalf("Failed to effectively program iptable rule: %s", descr)
 }
 
@@ -116,7 +115,7 @@ func assertIPTableChainProgramming(rule iptRule, descr string, t *testing.T) {
 if err := programChainRule(rule, descr, false); err != nil {
 t.Fatalf("Failed to remove iptable rule %s: %s", descr, err.Error())
 }
- if iptable.Exists(rule.table, rule.chain, rule.args...) == true {
+ if rule.Exists() {
 t.Fatalf("Failed to effectively remove iptable rule: %s", descr)
 }
 }
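Review bot: The new `Exists` method in the first hunk returns only a bool, so a caller cannot tell a rule that is absent from a check that could not be carried out. Whether the underlying `iptables.GetIptable(r.ipv).Exists` can fail that way is not visible here, but if it can, the doc comment should say so, e.g. `// Exists reports whether the rule is present in the kernel; it also returns false when the check itself cannot be performed.` The same value now feeds `doesExist` in `programChainRule` (second hunk), where a false negative on a firewall rule would presumably change which operation is attempted. `programChainRule`'s body continues outside the hunk, so how `doesExist` is consumed should be confirmed there.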