diff --git a/.gitignore b/.gitignore
index 0c653ac..1ca796b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -391,3 +391,4 @@ network-manager-applet-0.8.1.tar.bz2
 /NetworkManager-1.31.4.tar.xz
 /NetworkManager-1.31.90.tar.xz
 /NetworkManager-1.32.0.tar.xz
+/NetworkManager-1.32.4.tar.xz
diff --git a/0001-firewall-Fedora-patch-to-default-to-iptables-backend.patch b/0001-firewall-Fedora-patch-to-default-to-iptables-backend.patch
deleted file mode 100644
index c2caeb9..0000000
--- a/0001-firewall-Fedora-patch-to-default-to-iptables-backend.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 35fa1c22b6b6f89fd74f31186ec92ec70ed34af2 Mon Sep 17 00:00:00 2001
-From: Thomas Haller <thaller@redhat.com>
-Date: Wed, 16 Jun 2021 22:43:32 +0200
-Subject: [PATCH 1/1] firewall: Fedora patch to default to iptables backend
-
-Currently, SELinux prevents NetworkManager talking to `nft -f -` (rh #1972911).
-Until that is resolved, apply a downstream patch to default to "iptables" backend.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1972911
----
- src/core/nm-firewall-utils.c | 9 +++------
- 1 file changed, 3 insertions(+), 6 deletions(-)
-
-diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c
-index 3f2251569fa0..f2712f3d72ab 100644
---- a/src/core/nm-firewall-utils.c
-+++ b/src/core/nm-firewall-utils.c
-@@ -744,12 +744,9 @@ nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared)
- static NMFirewallBackend
- _firewall_backend_detect(void)
- {
--    if (g_file_test(NFT_PATH, G_FILE_TEST_IS_EXECUTABLE))
--        return NM_FIREWALL_BACKEND_NFTABLES;
--    if (g_file_test(IPTABLES_PATH, G_FILE_TEST_IS_EXECUTABLE))
--        return NM_FIREWALL_BACKEND_IPTABLES;
--
--    return NM_FIREWALL_BACKEND_NFTABLES;
-+    /* Currently, SELinux prevents NetworkManager talking to `nft -f -` (rh ##1972911).
-+     * Until that is resolved, apply a downstream patch to default to "iptables" backend. */
-+    return NM_FIREWALL_BACKEND_IPTABLES;
- }
- 
- NMFirewallBackend
--- 
-2.31.1
-
diff --git a/NetworkManager.spec b/NetworkManager.spec
index 51860f0..7246358 100644
--- a/NetworkManager.spec
+++ b/NetworkManager.spec
@@ -5,8 +5,8 @@
 %global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
 
 %global epoch_version 1
-%global rpm_version 1.32.0
-%global real_version 1.32.0
+%global rpm_version 1.32.4
+%global real_version 1.32.4
 %global release_version 1
 %global snapshot %{nil}
 %global git_sha %{nil}
@@ -185,7 +185,7 @@ Source4: 20-connectivity-fedora.conf
 Source5: 20-connectivity-redhat.conf
 Source6: 70-nm-connectivity.conf
 
-Patch1: 0001-firewall-Fedora-patch-to-default-to-iptables-backend.patch
+#Patch1: 0001-some.patch
 
 Requires(post): systemd
 Requires(post): /usr/sbin/update-alternatives
@@ -1149,6 +1149,10 @@ fi
 
 
 %changelog
+* Tue Jul 20 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.4-1
+- update to 1.32.4 release
+- default to "nftables" firewall-backend for shared mode.
+
 * Wed Jun 16 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.0-1
 - update to 1.32.0 release
 - default to "iptables" firewall-backend due to SELinux bug rh #1972911.
diff --git a/sources b/sources
index a3d96cd..fcbf8ae 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (NetworkManager-1.32.0.tar.xz) = 71b6740900847f4efca665340bed76083a5f17037e570d2c89c016750b9ada70b09033c02ded0b9974a172051517cacf7466107783f2fbde70e9741bf0ae0ad0
+SHA512 (NetworkManager-1.32.4.tar.xz) = 95be90d4c8f8f9f58a3c7ad8d8c9b592d2b77f283df58b495fe1b673c4fadd4409f4fc00fc9766343e3ac240dd805583db4f05e6d1f0b367fe22b306227fc684