diff --git a/data/templates/conntrack/nftables-ct.j2 b/data/templates/conntrack/nftables-ct.j2
index 9708690432c..3a5b5a87c05 100644
--- a/data/templates/conntrack/nftables-ct.j2
+++ b/data/templates/conntrack/nftables-ct.j2
@@ -29,7 +29,7 @@ table raw {
         return
     }
 
-{{ group_tmpl.groups(firewall_group, False) }}
+{{ group_tmpl.groups(firewall_group, False, True) }}
 }
 
 flush chain ip6 raw {{ nft_ct_ignore_name }}
@@ -54,5 +54,5 @@ table ip6 raw {
         return
     }
 
-{{ group_tmpl.groups(firewall_group, True) }}
+{{ group_tmpl.groups(firewall_group, True, True) }}
 }
diff --git a/data/templates/firewall/nftables-vrf-zones.j2 b/data/templates/firewall/nftables-vrf-zones.j2
index eecf47b7813..3bce7312d52 100644
--- a/data/templates/firewall/nftables-vrf-zones.j2
+++ b/data/templates/firewall/nftables-vrf-zones.j2
@@ -7,11 +7,11 @@ table inet vrf_zones {
   # Chain for inbound traffic
   chain vrf_zones_ct_in {
     type filter hook prerouting priority raw; policy accept;
-    counter ct zone set iifname map @ct_iface_map
+    counter ct original zone set iifname map @ct_iface_map
   }
   # Chain for locally-generated traffic
   chain vrf_zones_ct_out {
     type filter hook output priority raw; policy accept;
-    counter ct zone set oifname map @ct_iface_map
+    counter ct original zone set oifname map @ct_iface_map
   }
 }
diff --git a/debian/changelog b/debian/changelog
index c9d925253e5..d64c66818a1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-vyos-1x (1.4dev0) unstable; urgency=medium
+vyos-1x (1.5dev0) unstable; urgency=medium
 
   * Dummy changelog entry for vyos-1x repository
     This is a internal VyOS package and the VyOS package process does not use
@@ -7,4 +7,4 @@ vyos-1x (1.4dev0) unstable; urgency=medium
     The correct verion number of this package is auto-generated by GIT
     on build-time
 
- -- VyOS maintainers and contributors <maintainers@vyos.io>  Mon, 11 Jan 2021 19:02:53 +0100
+ -- VyOS maintainers and contributors <maintainers@vyos.io>  Sun, 10 Sep 2023 15:42:53 +0200
diff --git a/interface-definitions/service-webproxy.xml.in b/interface-definitions/service-webproxy.xml.in
index b24997816f1..637d578910a 100644
--- a/interface-definitions/service-webproxy.xml.in
+++ b/interface-definitions/service-webproxy.xml.in
@@ -353,7 +353,7 @@
                 <description>Object size in KB</description>
               </valueHelp>
               <constraint>
-                <validator name="numeric" argument="--range 1-100000"/>
+                <validator name="numeric" argument="--range 1-1000000"/>
               </constraint>
             </properties>
           </leafNode>
diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py
index 23b4b8459b8..11cbd977d08 100755
--- a/src/op_mode/firewall.py
+++ b/src/op_mode/firewall.py
@@ -300,6 +300,8 @@ def find_references(group_type, group_name):
                     for priority, priority_conf in firewall[item][name_type].items():
                         if priority not in firewall[item][name_type]:
                             continue
+                        if 'rule' not in priority_conf:
+                            continue
                         for rule_id, rule_conf in priority_conf['rule'].items():
                             source_group = dict_search_args(rule_conf, 'source', 'group', group_type)
                             dest_group = dict_search_args(rule_conf, 'destination', 'group', group_type)
diff --git a/src/systemd/vyos-router.service b/src/systemd/vyos-router.service
index 6f683cebb0c..7a1638f1188 100644
--- a/src/systemd/vyos-router.service
+++ b/src/systemd/vyos-router.service
@@ -1,7 +1,6 @@
 [Unit]
 Description=VyOS Router
 After=systemd-journald-dev-log.socket time-sync.target local-fs.target cloud-config.service
-Requires=frr.service
 Conflicts=shutdown.target
 Before=systemd-user-sessions.service