See the LP bug.
Setting priority low as apparently this is not an issue when using Neutron, only nova-network.
Looks like a fix merged for icehouse-rc1.
# grep 'does not support' /var/log/nova/*.log
/var/log/nova/other.log:2014-06-17 08:37:56.998 21682 WARNING nova.compute.manager [req-dd8857ea-2df4-43da-a099-6a8bc8339b68 admin admin] [instance: 7a76e8f8-bccc-451a-95f0-a7e0853998bc] Hypervisor driver does not support security groups.
# iptables -S | grep ' 33 '
[[[ empty here ]]]
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.