Certainly odd, the error is saying the unit file is masked, which is basically causing the unit server to be pointed to /dev/null. In normal cases, masking the unit file will be a bit above using disable as you wont even be able to start the service without unmasking the unit file first. Wonder what caused that.
Check the status directly as well to know what the system is reporting. systemctl status firewalld.service
What are the contents of the your firewalld.service file in /usr/lib/systemd/system.
[root@pbx1 ~]# systemctl status firewalld.service
β firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Aug 19 06:49:52 pbx1.domain.local systemd[1]: Cannot add dependency job for unit firewalld.service, ignoring: Unit is masked.
Warning: firewalld.service changed on disk. Run 'systemctl daemon-reload' to reload units.
This confirmed that that are two services that are masked. Checking each individually, confirmed that they both rely on firewalld:
[root@pbx1 ~]# systemctl status -l firewalld.service
β firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Aug 19 06:49:52 pbx1.domain.local systemd[1]: Cannot add dependency job for unit firewalld.service, ignoring: Unit is masked.
Warning: firewalld.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@pbx1 ~]# systemctl status -l dbus-org.fedoraproject.FirewallD1.service
β firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Aug 19 06:49:52 pbx1.domain.local systemd[1]: Cannot add dependency job for unit firewalld.service, ignoring: Unit is masked.
So I reloaded the deamon:
systemctl daemon-reload
Now it showed just this:
[root@pbx1 ~]# systemctl status -l firewalld.service
β firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Aug 19 06:49:52 pbx1.domain.local systemd[1]: Cannot add dependency job for unit firewalld.service, ignoring: Unit is masked.
[root@pbx1 ~]# systemctl status -l firewalld.service
Γ’β firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-08-24 03:53:31 EDT; 16s ago
Docs: man:firewalld(1)
Main PID: 19462 (firewalld)
CGroup: /system.slice/firewalld.service
Γ’ββΓ’ββ¬19462 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
Aug 24 03:53:31 pbx1.domain.local systemd[1]: Starting firewalld - dynamic firewall daemon...
Aug 24 03:53:31 pbx1.domain.local systemd[1]: Started firewalld - dynamic firewall daemon.
Aug 24 03:53:31 pbx1.domain.local firewalld[19462]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now.