diff --git a/include/tests_firewalls b/include/tests_firewalls
index d794b3f4..85f2b150 100644
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@@ -506,13 +506,13 @@
 # Test : FIRE-4540
 # Description : Check nftables configuration
 if HasData "${NFTBINARY}"; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no FIRE-4540 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for empty nftables configuration"
+ Register --test-no FIRE-4540 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --category security --description "Check for empty nftables configuration"
 if [ ${SKIPTEST} -eq 0 ]; then
 # Check for empty ruleset
- NFT_RULES_LENGTH=$(${NFTBINARY} export json 2> /dev/null | wc -c)
- if [ ${NFT_RULES_LENGTH} -le 16 ]; then
+ NFT_RULES_LENGTH=$(${NFTBINARY} list ruleset --stateless 2> /dev/null | ${EGREPBINARY} -v "table|chain|;$|}$|^$" | ${WCBINARY} -l)
+ if [ ${NFT_RULES_LENGTH} -le 3 ]; then
 FIREWALL_EMPTY_RULESET=1
- LogText "Result: this firewall set has 16 rules or less and is considered to be empty"
+ LogText "Result: this firewall set has 3 rules or less and is considered to be empty"
 else
 LogText "Result: found ${NFT_RULES_LENGTH} rules in nftables configuration"
 fi
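Review bot: The new `NFT_RULES_LENGTH=$(${NFTBINARY} list ruleset --stateless 2> /dev/null | ...)` pipeline cannot tell a genuinely empty ruleset from an `nft` invocation that failed, because stderr is discarded and the pipeline's status is that of `wc -l`, so a failure (for example an older `nft` that does not accept `--stateless`, or a kernel without nf_tables support) yields 0 lines and is logged as "considered to be empty" — a false finding that `--root-only YES` does not cover. Capturing the output first and checking the exit status of `nft` before counting separates "could not read ruleset" from "ruleset is empty", as sketched below. The `-v "table|chain"` filter also drops any rule line that merely contains those substrings (a set or comment named that way), so the count is a heuristic and the log text `"has 3 rules or less"` would be more accurate as `"has 3 rule lines or fewer"`. The enclosing `if [ ${SKIPTEST} -eq 0 ]` block continues past the end of the hunk.

```shell
# Check for empty ruleset: read the ruleset once and check nft's exit status first,
# so a failing nft (old version, missing kernel support) is not reported as "empty".
NFT_RULESET=$(${NFTBINARY} list ruleset --stateless 2> /dev/null)
if [ $? -ne 0 ]; then
    LogText "Result: could not list nftables ruleset (nft returned an error), skipping empty-ruleset check"
else
    # Heuristic: drop table/chain headers, block terminators and blank lines, count what remains
    NFT_RULES_LENGTH=$(printf '%s\n' "${NFT_RULESET}" | ${EGREPBINARY} -v "table|chain|;$|}$|^$" | ${WCBINARY} -l)
    # … unchanged: -le 3 comparison, FIREWALL_EMPTY_RULESET=1, LogText branches …
fi
```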