When I run firewalld and NetworkManager (NM) with debug messages on I see that during boot firewalld begins to start (several seconds) after NM. That is bad - NM needs to inform firewalld when making network interfaces up otherwise they will be in no zone until firewalld starts. I suggest these changes in firewalld.service: 1) Before=NetworkManager.service - selfexplaining, needed to start firewalld before NM 2) Type=dbus BusName=org.fedoraproject.FirewallD1 - to tell systemd when firewalld is ready - systems.service(5) says: Type=dbus: Behaviour of dbus is similar to simple, however it is expected that the daemon acquires a name on the D-Bus bus, as configured by BusName=. systemd will proceed starting follow-up units after the D-Bus bus name has been acquired. Service units with this option configured implicitly gain dependencies on the dbus.socket unit. 3) remove After=dbus.target - I think the 'Type=dbus' does the same. Note: I took me a plenty of time to get this solution because I had been trying either (1) or (2) but not both of them together :-(
Fixed upstream: http://git.fedorahosted.org/git?p=firewalld.git;a=commit;h=6efdc463cf1b457423e41f2705ecfae964452696
and http://git.fedorahosted.org/git?p=firewalld.git;a=commit;h=fc5ff2290af8f6342ce4205f6ce2283f43d4d3cb
firewalld-0.2.5-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/firewalld-0.2.5-1.fc17
Package firewalld-0.2.5-1.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing firewalld-0.2.5-1.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-6323/firewalld-0.2.5-1.fc17 then log in and leave karma (feedback).
firewalld-0.2.5-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.