Hi, I would like to request inclusion of the following patches which address bugs found in our testing. https://review.openstack.org/#/c/539461/ Addressing: https://bugs.launchpad.net/neutron/+bug/1746404 'auto_associate_default_firewall_group' got an error when new port is created We started with a CfgOpt to Disable default FWG on ports. This has caused issues with Conntrack so this option is being removed. Also on a related note, we were mistakenly applying on other ports - so tightened up the validation to ensure that it is a VM port. And https://review.openstack.org/#/c/536234/ Addressing: https://bugs.launchpad.net/neutron/+bug/1746855 FWaaS V2 failures with Ml2 is Linuxbridge or security group driver is iptables_hybrid We have failures with Linuxbridge as it is not a supported option and if SG uses iptables_hybrid driver - we have seen issues which possibly might be addressed [1], but with not enough validation we would like to prevent this scenario as well. With more testing and addressing any issues we can remove the restriction on SG with iptables_hybrid driver in the R release. [1] https://review.openstack.org/#/c/538154/ Cheers, An