diff --git a/internal/db/models/http_firewall_rule_group_dao.go b/internal/db/models/http_firewall_rule_group_dao.go
index c32a15ed..4b03fe83 100644
--- a/internal/db/models/http_firewall_rule_group_dao.go
+++ b/internal/db/models/http_firewall_rule_group_dao.go
@@ -95,6 +95,7 @@ func (this *HTTPFirewallRuleGroupDAO) ComposeFirewallRuleGroup(tx *dbs.Tx, group
 config.Name = group.Name
 config.Description = group.Description
 config.Code = group.Code
+ config.IsTemplate = group.IsTemplate == 1
 if IsNotNull(group.Sets) {
 setRefs := []*firewallconfigs.HTTPFirewallRuleSetRef{}
@@ -125,6 +126,7 @@ func (this *HTTPFirewallRuleGroupDAO) CreateGroupFromConfig(tx *dbs.Tx, groupCon
 op.Description = groupConfig.Description
 op.State = HTTPFirewallRuleGroupStateEnabled
 op.Code = groupConfig.Code
+ op.IsTemplate = groupConfig.IsTemplate
 // sets
 setRefs := []*firewallconfigs.HTTPFirewallRuleSetRef{}
@@ -178,7 +180,7 @@ func (this *HTTPFirewallRuleGroupDAO) CreateGroup(tx *dbs.Tx, isOn bool, name st
 }
 // UpdateGroup 修改分组
-func (this *HTTPFirewallRuleGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, isOn bool, name string, description string) error {
+func (this *HTTPFirewallRuleGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, isOn bool, name string, code string, description string) error {
 if groupId <= 0 {
 return errors.New("invalid groupId")
 }
@@ -186,6 +188,7 @@ func (this *HTTPFirewallRuleGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, isO
 op.Id = groupId
 op.IsOn = isOn
 op.Name = name
+ op.Code = code
 op.Description = description
 err := this.Save(tx, op)
 if err != nil {
diff --git a/internal/db/models/http_firewall_rule_group_model.go b/internal/db/models/http_firewall_rule_group_model.go
index 833ae4ef..7403b656 100644
--- a/internal/db/models/http_firewall_rule_group_model.go
+++ b/internal/db/models/http_firewall_rule_group_model.go
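Review bot: In CreateGroupFromConfig, `op.IsTemplate = groupConfig.IsTemplate` copies the preset-template flag straight from the supplied config, and ImportHTTPFirewallPolicy passes groups from an imported policy to this function, so the import file decides whether a new group is stored as a preset. The update path for an already existing group (UpdateGroup) never writes the flag, so the same import yields a different isTemplate depending on whether the group existed beforehand. If the flag is meant to mark built-in groups only, have the caller decide it, or record the trust decision in a comment such as `// IsTemplate is taken from groupConfig as-is; callers importing untrusted policies must clear it first`. The function body continues outside this hunk.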
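Review bot: UpdateGroup now assigns `op.Code = code` unconditionally, so any caller that passes an empty string erases the group's stored code; UpdateHTTPFirewallRuleGroup forwards `req.Code`, which is presumably empty for clients written before the field existed. Code is the first key ImportHTTPFirewallPolicy uses to match groups and the upgrade step derives isTemplate from it, so losing it silently changes how later imports resolve the group. Either skip the write for an empty argument, `if len(code) > 0 { op.Code = code }`, or state in the doc comment that an empty code clears the field. The new parameter also sits between two other strings (`name, code, description`), an order the compiler cannot check at call sites.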
@@ -1,12 +1,13 @@
 package models
-// 防火墙规则分组
+// HTTPFirewallRuleGroup 防火墙规则分组
 type HTTPFirewallRuleGroup struct {
 Id uint32 `field:"id"` // ID
 IsOn uint8 `field:"isOn"` // 是否启用
 Name string `field:"name"` // 名称
 Description string `field:"description"` // 描述
 Code string `field:"code"` // 代号
+ IsTemplate uint8 `field:"isTemplate"` // 是否为预置模板
 AdminId uint32 `field:"adminId"` // 管理员ID
 UserId uint32 `field:"userId"` // 用户ID
 State uint8 `field:"state"` // 状态
@@ -20,6 +21,7 @@ type HTTPFirewallRuleGroupOperator struct {
 Name interface{} // 名称
 Description interface{} // 描述
 Code interface{} // 代号
+ IsTemplate interface{} // 是否为预置模板
 AdminId interface{} // 管理员ID
 UserId interface{} // 用户ID
 State interface{} // 状态
diff --git a/internal/rpc/services/service_http_firewall_policy.go b/internal/rpc/services/service_http_firewall_policy.go
index 5ae870a2..fdc663c0 100644
--- a/internal/rpc/services/service_http_firewall_policy.go
+++ b/internal/rpc/services/service_http_firewall_policy.go
@@ -506,46 +506,20 @@ func (this *HTTPFirewallPolicyService) ImportHTTPFirewallPolicy(ctx context.Cont
 // 入站分组
 if newConfig.Inbound != nil {
 for _, g := range newConfig.Inbound.Groups {
+ var oldGroup *firewallconfigs.HTTPFirewallRuleGroup
+
+ // 使用代号查找
 if len(g.Code) > 0 {
- // 对于有代号的,覆盖或者添加
- oldGroup := oldConfig.FindRuleGroupWithCode(g.Code)
- if oldGroup == nil {
- // 新创建分组
- groupId, err := models.SharedHTTPFirewallRuleGroupDAO.CreateGroupFromConfig(tx, g)
- if err != nil {
- return nil, err
- }
- oldConfig.Inbound.GroupRefs = append(oldConfig.Inbound.GroupRefs, &firewallconfigs.HTTPFirewallRuleGroupRef{
- IsOn: true,
- GroupId: groupId,
- })
- } else {
- setRefs := []*firewallconfigs.HTTPFirewallRuleSetRef{}
- for _, set := range g.Sets {
- setId, err := models.SharedHTTPFirewallRuleSetDAO.CreateOrUpdateSetFromConfig(tx, set)
- if err != nil {
- return nil, err
- }
- setRefs = append(setRefs, &firewallconfigs.HTTPFirewallRuleSetRef{
- IsOn: true,
- SetId: setId,
- })
- }
- setsJSON, err := json.Marshal(setRefs)
- if err != nil {
- return nil, err
- }
- err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupIsOn(tx, oldGroup.Id, true)
- if err != nil {
- return nil, err
- }
- err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupSets(tx, oldGroup.Id, setsJSON)
- if err != nil {
- return nil, err
- }
- }
- } else {
- // 没有代号的直接创建
+ oldGroup = oldConfig.FindRuleGroupWithCode(g.Code)
+ }
+
+ // 再次根据Name查找
+ if oldGroup == nil && len(g.Name) > 0 {
+ oldGroup = oldConfig.FindRuleGroupWithName(g.Name)
+ }
+
+ if oldGroup == nil {
+ // 新创建分组
 groupId, err := models.SharedHTTPFirewallRuleGroupDAO.CreateGroupFromConfig(tx, g)
 if err != nil {
 return nil, err
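Review bot: The fallback `oldConfig.FindRuleGroupWithName(g.Name)` runs whenever the code lookup leaves oldGroup nil, including when the imported group carries a code that is simply not present, so an existing group is then selected for overwrite only because its display name matches. Nothing visible here makes names unique or checks that the matched group's own code is empty or equal, so an import can replace the rule sets of an unrelated WAF group; the outbound loop further down has the same logic. I would limit the fallback to groups that have no code, `if oldGroup == nil && len(g.Code) == 0 && len(g.Name) > 0 {`, and additionally require the match to have an empty Code. ImportHTTPFirewallPolicy starts and ends outside this hunk.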
@@ -554,6 +528,32 @@ func (this *HTTPFirewallPolicyService) ImportHTTPFirewallPolicy(ctx context.Cont
 IsOn: true,
 GroupId: groupId,
 })
+ } else {
+ setRefs := []*firewallconfigs.HTTPFirewallRuleSetRef{}
+ for _, set := range g.Sets {
+ setId, err := models.SharedHTTPFirewallRuleSetDAO.CreateOrUpdateSetFromConfig(tx, set)
+ if err != nil {
+ return nil, err
+ }
+ setRefs = append(setRefs, &firewallconfigs.HTTPFirewallRuleSetRef{
+ IsOn: true,
+ SetId: setId,
+ })
+ }
+ setsJSON, err := json.Marshal(setRefs)
+ if err != nil {
+ return nil, err
+ }
+
+ err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroup(tx, oldGroup.Id, g.IsOn, g.Name, g.Code, g.Description)
+ if err != nil {
+ return nil, err
+ }
+
+ err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupSets(tx, oldGroup.Id, setsJSON)
+ if err != nil {
+ return nil, err
+ }
 }
 }
 }
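Review bot: For a matched group the update now writes `g.IsOn` and `g.Code` from the imported file, where the removed code forced the group on with `UpdateGroupIsOn(tx, oldGroup.Id, true)`. An import whose group has IsOn false therefore switches off an existing rule group, and a group matched only by name with an empty `g.Code` loses its stored code; the outbound branch does the same. If disabling through import is intended, a comment above the call should say so; for the code, keep the existing value when the import has none, e.g. `code := g.Code` followed by `if len(code) == 0 { code = oldGroup.Code }`.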
@@ -561,46 +561,20 @@ func (this *HTTPFirewallPolicyService) ImportHTTPFirewallPolicy(ctx context.Cont
 // 出站分组
 if newConfig.Outbound != nil {
 for _, g := range newConfig.Outbound.Groups {
+ var oldGroup *firewallconfigs.HTTPFirewallRuleGroup
+
+ // 使用代号查找
 if len(g.Code) > 0 {
- // 对于有代号的,覆盖或者添加
- oldGroup := oldConfig.FindRuleGroupWithCode(g.Code)
- if oldGroup == nil {
- // 新创建分组
- groupId, err := models.SharedHTTPFirewallRuleGroupDAO.CreateGroupFromConfig(tx, g)
- if err != nil {
- return nil, err
- }
- oldConfig.Outbound.GroupRefs = append(oldConfig.Outbound.GroupRefs, &firewallconfigs.HTTPFirewallRuleGroupRef{
- IsOn: true,
- GroupId: groupId,
- })
- } else {
- setRefs := []*firewallconfigs.HTTPFirewallRuleSetRef{}
- for _, set := range g.Sets {
- setId, err := models.SharedHTTPFirewallRuleSetDAO.CreateOrUpdateSetFromConfig(tx, set)
- if err != nil {
- return nil, err
- }
- setRefs = append(setRefs, &firewallconfigs.HTTPFirewallRuleSetRef{
- IsOn: true,
- SetId: setId,
- })
- }
- setsJSON, err := json.Marshal(setRefs)
- if err != nil {
- return nil, err
- }
- err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupIsOn(tx, oldGroup.Id, true)
- if err != nil {
- return nil, err
- }
- err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupSets(tx, oldGroup.Id, setsJSON)
- if err != nil {
- return nil, err
- }
- }
- } else {
- // 没有代号的直接创建
+ oldGroup = oldConfig.FindRuleGroupWithCode(g.Code)
+ }
+
+ // 再次根据Name查找
+ if oldGroup == nil && len(g.Name) > 0 {
+ oldGroup = oldConfig.FindRuleGroupWithName(g.Name)
+ }
+
+ if oldGroup == nil {
+ // 新创建分组
 groupId, err := models.SharedHTTPFirewallRuleGroupDAO.CreateGroupFromConfig(tx, g)
 if err != nil {
 return nil, err
@@ -609,6 +583,30 @@ func (this *HTTPFirewallPolicyService) ImportHTTPFirewallPolicy(ctx context.Cont
 IsOn: true,
 GroupId: groupId,
 })
+ } else {
+ setRefs := []*firewallconfigs.HTTPFirewallRuleSetRef{}
+ for _, set := range g.Sets {
+ setId, err := models.SharedHTTPFirewallRuleSetDAO.CreateOrUpdateSetFromConfig(tx, set)
+ if err != nil {
+ return nil, err
+ }
+ setRefs = append(setRefs, &firewallconfigs.HTTPFirewallRuleSetRef{
+ IsOn: true,
+ SetId: setId,
+ })
+ }
+ setsJSON, err := json.Marshal(setRefs)
+ if err != nil {
+ return nil, err
+ }
+ err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroup(tx, oldGroup.Id, g.IsOn, g.Name, g.Code, g.Description)
+ if err != nil {
+ return nil, err
+ }
+ err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupSets(tx, oldGroup.Id, setsJSON)
+ if err != nil {
+ return nil, err
+ }
 }
 }
 }
diff --git a/internal/rpc/services/service_http_firewall_rule_group.go b/internal/rpc/services/service_http_firewall_rule_group.go
index 35474f06..189b7f20 100644
--- a/internal/rpc/services/service_http_firewall_rule_group.go
+++ b/internal/rpc/services/service_http_firewall_rule_group.go
@@ -75,7 +75,7 @@ func (this *HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroup(ctx contex
 tx := this.NullTx()
- err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroup(tx, req.FirewallRuleGroupId, req.IsOn, req.Name, req.Description)
+ err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroup(tx, req.FirewallRuleGroupId, req.IsOn, req.Name, req.Code, req.Description)
 if err != nil {
 return nil, err
 }
diff --git a/internal/setup/sql_upgrade.go b/internal/setup/sql_upgrade.go
index 1c33ca5d..a8d5c201 100644
--- a/internal/setup/sql_upgrade.go
+++ b/internal/setup/sql_upgrade.go
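Review bot: In UpdateHTTPFirewallRuleGroup, `req.Code` reaches UpdateGroup with no uniqueness or format check visible in this hunk (the function's earlier validation lies outside it). Since ImportHTTPFirewallPolicy resolves its target with FindRuleGroupWithCode, two groups of one policy that share a code would make the import's target ambiguous. Consider rejecting a code already used by another group of the same policy before saving, and note in the handler's comment that code is an import matching key and not a free-text label.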
@@ -543,5 +543,12 @@ func upgradeV0_3_7(db *dbs.DB) error {
 if err != nil {
 return err
 }
+
+ // WAF预置分组
+ _, err = db.Exec("UPDATE edgeHTTPFirewallRuleGroups SET isTemplate=1 WHERE LENGTH(code)>0")
+ if err != nil {
+ return err
+ }
+
 return nil
-}
\ No newline at end of file
+}
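Review bot: The UPDATE marks every row with a non-empty code as a preset, yet in this same commit a code can be set through UpdateGroup and is copied from imported configs by CreateGroupFromConfig, so code presence only identifies built-in groups if no user-created row carried a code before the upgrade. If user-owned groups can have a code, the predicate would mislabel them; narrowing it (for instance by owner, should the userId column express that) would avoid this. At minimum the comment should state the assumption, e.g. `// assumes only built-in WAF groups had a code before this version`. The block is appended to upgradeV0_3_7, whose start is outside the hunk, so whether installations already past that version will run it cannot be told from here.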