diff --git a/hack/dind-systemd b/hack/dind-systemd
index 756579e4fb..27730774a1 100755
--- a/hack/dind-systemd
+++ b/hack/dind-systemd
@@ -63,10 +63,10 @@ if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then
 	}
 fi
 
-# Allow connections coming from the host (through eth0). This is needed to
-# access the daemon port (independently of which port is used), or run a
-# 'remote' Delve session, etc...
 if [ "${FIREWALLD:-}" = "true" ]; then
+	# Allow connections coming from the host (through eth0). This is needed to
+	# access the daemon port (independently of which port is used), or run a
+	# 'remote' Delve session, etc...
 	cat > /etc/firewalld/zones/trusted.xml << EOF
 <?xml version="1.0" encoding="utf-8"?>
 <zone target="ACCEPT">
@@ -75,6 +75,13 @@ if [ "${FIREWALLD:-}" = "true" ]; then
   <interface name="eth0"/>
   <forward/>
 </zone>
+EOF
+
+	# Increase firewalld log verbosity to help debug issues
+	cat > /etc/systemd/system/firewalld.service << EOF
+[Service]
+ExecStart=
+ExecStart=/usr/sbin/firewalld --nofork --nopid --debug=4
 EOF
 fi