diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
index 307825331d..21dea3013a 100644
--- a/src/util/virfirewall.c
+++ b/src/util/virfirewall.c
@@ -640,7 +640,7 @@ virFirewallApplyRuleDirect(virFirewallRulePtr rule,
 }
 
 
-static int
+static int G_GNUC_UNUSED
 virFirewallApplyRuleFirewallD(virFirewallRulePtr rule,
 bool ignoreErrors,
 char **output)
@@ -698,7 +698,16 @@ virFirewallApplyRule(virFirewallPtr firewall,
 return -1;
 break;
 case VIR_FIREWALL_BACKEND_FIREWALLD:
- if (virFirewallApplyRuleFirewallD(rule, ignoreErrors, &output) < 0)
+ /* Since we are using raw iptables rules, there is no
+ * advantage to going through firewalld, so instead just add
+ * them directly rather that via dbus calls to firewalld. This
+ * has the useful side effect of eliminating extra unwanted
+ * warning messages in the system logs when trying to delete
+ * rules that don't exist (which is something that happens
+ * often when libvirtd is started, and *always* when firewalld
+ * is restarted)
+ */
+ if (virFirewallApplyRuleDirect(rule, ignoreErrors, &output) < 0)
 return -1;
 break;
 
diff --git a/tests/virfirewalltest.c b/tests/virfirewalltest.c
index fa1838a499..2670eb1561 100644
--- a/tests/virfirewalltest.c
+++ b/tests/virfirewalltest.c
@@ -194,7 +194,8 @@ testFirewallSingleGroup(const void *opaque)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT)
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD)
 virCommandSetDryRun(&cmdbuf, NULL, NULL);
 else
 fwBuf = &cmdbuf;
@@ -247,7 +248,8 @@ testFirewallRemoveRule(const void *opaque)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT)
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD)
 virCommandSetDryRun(&cmdbuf, NULL, NULL);
 else
 fwBuf = &cmdbuf;
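Review bot: `virFirewallApplyRuleFirewallD` is kept in the file and only silenced with `G_GNUC_UNUSED`, so the D-Bus passthrough path becomes dead code that nothing in this commit calls or tests. Either delete the function in this commit, or put a comment above it saying why it is retained, for example `/* no longer called from virFirewallApplyRule(); kept because <reason> */`. The function body lies outside this hunk, so whether any other caller remains cannot be confirmed from the lines shown.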
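Review bot: The new comment in the `VIR_FIREWALL_BACKEND_FIREWALLD` case gives the log-noise motive but not the consequence an operator needs to know: with this backend selected, rules are now written by libvirt's own command invocations and firewalld no longer mediates them. Ordering against firewalld's own ruleset updates then depends on whatever locking `virFirewallApplyRuleDirect` performs, which is not visible in this hunk and is worth confirming before merging. I would add a line such as `* firewalld therefore no longer mediates or tracks these rules.` and correct the typo `rather that via` to `rather than via`. The enclosing switch in virFirewallApplyRule starts and ends outside the hunk.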
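Review bot: In testFirewallSingleGroup the widened condition `expectBackend == VIR_FIREWALL_BACKEND_DIRECT || expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD` looks as if it covers every value the tests pass, which would make the `else` branch (`fwBuf = &cmdbuf;`) unreachable and leave the mocked firewalld reply path untested. The same pattern repeats in the nine other test hunks that follow, testFirewallRemoveRule through testFirewallQuery (in testFirewallSingleRollback the `else` sets `fwError = true;`). If no other backend value reaches these tests, call `virCommandSetDryRun(...)` unconditionally and drop the `else`; otherwise add a comment such as `/* else: only reached for <backend> */` so the remaining branch is not mistaken for live coverage. The enum's full value set and the rest of each test function are outside the hunks, so this needs checking against the file.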
@@ -307,7 +309,8 @@ testFirewallManyGroups(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT)
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD)
 virCommandSetDryRun(&cmdbuf, NULL, NULL);
 else
 fwBuf = &cmdbuf;
@@ -394,7 +397,8 @@ testFirewallIgnoreFailGroup(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallRollbackHook, NULL);
 } else {
 fwBuf = &cmdbuf;
@@ -462,7 +466,8 @@ testFirewallIgnoreFailRule(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallRollbackHook, NULL);
 } else {
 fwBuf = &cmdbuf;
@@ -527,7 +532,8 @@ testFirewallNoRollback(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallRollbackHook, NULL);
 } else {
 fwBuf = &cmdbuf;
@@ -590,7 +596,8 @@ testFirewallSingleRollback(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallRollbackHook, NULL);
 } else {
 fwError = true;
@@ -669,7 +676,8 @@ testFirewallManyRollback(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallRollbackHook, NULL);
 } else {
 fwBuf = &cmdbuf;
@@ -756,7 +764,8 @@ testFirewallChainedRollback(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallRollbackHook, NULL);
 } else {
 fwBuf = &cmdbuf;
@@ -951,7 +960,8 @@ testFirewallQuery(const void *opaque G_GNUC_UNUSED)
 if (virFirewallSetBackend(data->tryBackend) < 0)
 goto cleanup;
 
- if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) {
+ if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT ||
+ data->expectBackend == VIR_FIREWALL_BACKEND_FIREWALLD) {
 virCommandSetDryRun(&cmdbuf, testFirewallQueryHook, NULL);
 } else {
 fwBuf = &cmdbuf;