diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h
index ca2c070218..35f8ddec78 100644
--- a/src/conf/nwfilter_conf.h
+++ b/src/conf/nwfilter_conf.h
@@ -556,6 +556,7 @@ typedef struct _virNWFilterDriverState virNWFilterDriverState;
 typedef virNWFilterDriverState *virNWFilterDriverStatePtr;
 struct _virNWFilterDriverState {
     virMutex lock;
+    bool privileged;
 
     virNWFilterObjList nwfilters;
 
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index b67b70424d..19ebb03b21 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -165,7 +165,7 @@ nwfilterDriverInstallDBusMatches(DBusConnection *sysbus ATTRIBUTE_UNUSED)
  * Initialization function for the QEmu daemon
  */
 static int
-nwfilterDriverStartup(bool privileged ATTRIBUTE_UNUSED,
+nwfilterDriverStartup(bool privileged,
                       virStateInhibitCallback callback ATTRIBUTE_UNUSED,
                       void *opaque ATTRIBUTE_UNUSED)
 {
@@ -185,6 +185,7 @@ nwfilterDriverStartup(bool privileged ATTRIBUTE_UNUSED,
         goto err_free_driverstate;
 
     driverState->watchingFirewallD = (sysbus != NULL);
+    driverState->privileged = privileged;
 
     if (!privileged)
         return 0;
@@ -275,6 +276,9 @@ nwfilterDriverReload(void) {
         return -1;
     }
 
+    if (!driverState->privileged)
+        return 0;
+
     conn = virConnectOpen("qemu:///system");
 
     if (conn) {
@@ -333,21 +337,24 @@ nwfilterDriverShutdown(void) {
     if (!driverState)
         return -1;
 
-    virNWFilterConfLayerShutdown();
-    virNWFilterTechDriversShutdown();
-    virNWFilterDHCPSnoopShutdown();
-    virNWFilterLearnShutdown();
-    virNWFilterIPAddrMapShutdown();
+    if (driverState->privileged) {
+        virNWFilterConfLayerShutdown();
+        virNWFilterTechDriversShutdown();
+        virNWFilterDHCPSnoopShutdown();
+        virNWFilterLearnShutdown();
+        virNWFilterIPAddrMapShutdown();
 
-    nwfilterDriverLock(driverState);
+        nwfilterDriverLock(driverState);
 
-    nwfilterDriverRemoveDBusMatches();
+        nwfilterDriverRemoveDBusMatches();
 
-    /* free inactive nwfilters */
-    virNWFilterObjListFree(&driverState->nwfilters);
+        /* free inactive nwfilters */
+        virNWFilterObjListFree(&driverState->nwfilters);
+
+        VIR_FREE(driverState->configDir);
+        nwfilterDriverUnlock(driverState);
+    }
 
-    VIR_FREE(driverState->configDir);
-    nwfilterDriverUnlock(driverState);
     virMutexDestroy(&driverState->lock);
     VIR_FREE(driverState);