diff --git a/pkg/compute/models/secgroups.go b/pkg/compute/models/secgroups.go
index ffa4d1d711..ab9337c0a8 100644
--- a/pkg/compute/models/secgroups.go
+++ b/pkg/compute/models/secgroups.go
@@ -100,7 +100,7 @@ func (manager *SSecurityGroupManager) ListItemFilter(
 		if err != nil {
 			return q, httperrors.NewGeneralError(errors.Wrapf(err, "GetAllowList"))
 		}
-		sq := manager.Query().NotEquals("id", secgroup.Id)
+		sq := manager.Query().NotEquals("id", secgroup.Id).NotEquals("id", api.SECGROUP_DEFAULT_ID)
 		secgroups := []SSecurityGroup{}
 		err = db.FetchModelObjects(manager, sq, &secgroups)
 		if err != nil {
@@ -917,6 +917,9 @@ func (self *SSecurityGroup) PerformMerge(ctx context.Context, userCred mcclient.
 			}
 			return nil, httperrors.NewGeneralError(err)
 		}
+		if _secgroup.GetId() == api.SECGROUP_DEFAULT_ID {
+			return nil, httperrors.NewInputParameterError("not allow merge default security group")
+		}
 		secgroup := _secgroup.(*SSecurityGroup)
 		secgroup.SetModelManager(SecurityGroupManager, secgroup)
 		_inAllowList, _outAllowList, err := secgroup.GetAllowList()
diff --git a/pkg/mcclient/options/secgroup.go b/pkg/mcclient/options/secgroup.go
index cdcdc3ec91..d479aa79a6 100644
--- a/pkg/mcclient/options/secgroup.go
+++ b/pkg/mcclient/options/secgroup.go
@@ -85,7 +85,7 @@ type SecgroupMergeOptions struct {
 }
 
 func (opts *SecgroupMergeOptions) Params() (jsonutils.JSONObject, error) {
-	return jsonutils.Marshal(map[string][]string{"secgruops": opts.SECGROUPS}), nil
+	return jsonutils.Marshal(map[string][]string{"secgroup_ids": opts.SECGROUPS}), nil
 }
 
 type SecgroupsAddRuleOptions struct {