diff --git a/neutron_classifier/common/constants.py b/neutron_classifier/common/constants.py
index dd42db1..61e0f5f 100644
--- a/neutron_classifier/common/constants.py
+++ b/neutron_classifier/common/constants.py
@@ -7,4 +7,4 @@ PROTOCOLS = ['tcp', 'udp', 'icmp', 'icmpv6']
 ENCAPSULATION_TYPES = ['vxlan', 'gre']
-NEUTRON_SERVICES = ['neutron-fwaas', 'networking-sfc']
+NEUTRON_SERVICES = ['neutron-fwaas', 'networking-sfc', 'security-group']
diff --git a/neutron_classifier/db/api.py b/neutron_classifier/db/api.py
index bc04b25..59318bf 100644
--- a/neutron_classifier/db/api.py
+++ b/neutron_classifier/db/api.py
@@ -19,9 +19,56 @@ def get_classifier_chain():
 pass
-def create_classifier_chain(classifier_group, classifier):
+def create_classifier_chain(context, classifier_group, classifier):
 chain = models.ClassifierChainEntry()
 chain.sequence = 1
 chain.classifier = classifier
 chain.classifier_group = classifier_group
+ context.session.add(chain)
+ context.session.commit()
 return chain
+
+
+def convert_security_group_rule_to_classifier(context, security_group_rule):
+ # TODO(sc68cal) Pass in the classifier group
+ group = models.ClassifierGroup()
+ group.service = 'security-group'
+
+ # Pull the source from the SG rule
+ cl1 = models.IpClassifier()
+ cl1.source_ip_prefix = security_group_rule['remote_ip_prefix']
+
+ # Ports
+ cl2 = models.TransportClassifier()
+ cl2.destination_port_range_min = security_group_rule['port_range_min']
+ cl2.destination_port_range_max = security_group_rule['port_range_max']
+
+ chain1 = models.ClassifierChainEntry()
+ chain1.classifier_group = group
+ chain1.classifier = cl1
+ chain1.sequence = 1
+
+ chain2 = models.ClassifierChainEntry()
+ chain2.classifier_group = group
+ chain2.classifier = cl2
+ # Security Group classifiers might not need to be nested or have sequences?
+ chain2.sequence = 1
+ context.session.add(group)
+ context.session.add(cl1)
+ context.session.add(cl2)
+ context.session.add(chain1)
+ context.session.add(chain2)
+ context.session.commit()
+ return group
+
+
+def convert_firewall_rule_to_classifier(context, firewall_rule):
+ pass
+
+
+def convert_classifier_chain_to_security_group(context, chain_id):
+ pass
+
+
+def convert_classifier_to_firewall_policy(context, chain_id):
+ pass
diff --git a/neutron_classifier/tests/test_db_api.py b/neutron_classifier/tests/test_db_api.py
index e4c1a58..440ad16 100644
--- a/neutron_classifier/tests/test_db_api.py
+++ b/neutron_classifier/tests/test_db_api.py
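Review bot: `convert_security_group_rule_to_classifier` carries over only `remote_ip_prefix` and the two port bounds, so the resulting classifiers say nothing about the rule's protocol, direction or ethertype (all present in the rule dict the new test passes) and would describe more traffic than the rule allowed if they are later used for enforcement. Whether the models already have fields for these is not visible in this hunk; until they are mapped, the function should refuse what it cannot represent or at least say so, e.g. `# NOTE: protocol, direction and ethertype are not converted yet; the classifier is broader than the rule`. The direct `security_group_rule['remote_ip_prefix']` lookup also raises KeyError on a rule without that key and stores None when the rule has no prefix, which presumably reads as "any source" and deserves an explicit check. Both this function and `create_classifier_chain` call `context.session.commit()` with no rollback path, so a failed commit leaves the caller's session in a state it has to clean up itself.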
@@ -16,18 +16,26 @@ from neutron_classifier.db import models
 import sqlalchemy as sa
 from sqlalchemy.orm import sessionmaker
-from oslotest import base
 from oslo_utils import uuidutils
+from oslotest import base
+
+
+class ClassifierTestContext(object):
+ "Classifier Database Context."
+ engine = None
+ session = None
+
+ def __init__(self):
+ self.engine = sa.create_engine('sqlite:///:memory:', echo=True)
+ self.session = sessionmaker(bind=self.engine)()
 class DbApiTestCase(base.BaseTestCase):
 def setUp(self):
 super(DbApiTestCase, self).setUp()
- engine = sa.create_engine('sqlite:///:memory:', echo=True)
- Session = sessionmaker(bind=engine)
- self.session = Session()
- models.Base.metadata.create_all(engine)
+ self.context = ClassifierTestContext()
+ models.Base.metadata.create_all(self.context.engine)
 def test_create_classifier_chain(self):
 # TODO(sc68cal) Make this not hacky, and make it pass a session
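Review bot: `ClassifierTestContext` opens a session for every test and nothing in `setUp` closes it, and its docstring is written with single double-quotes rather than the conventional triple quotes. Adding `self.addCleanup(self.context.session.close)` right after the context is created in `setUp` would release it, and the docstring would read `"""Classifier database context for tests."""`. The class-level `engine = None` and `session = None` are redundant, since `__init__` always assigns both.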
@@ -39,10 +47,43 @@ class DbApiTestCase(base.BaseTestCase):
 a.description = 'ensure all data inserted correctly'
 a.service = 'neutron-fwaas'
 b = models.IpClassifier()
- b.destination_ip_prefix = "fd70:fbb6:449e::/48"
- b.source_ip_prefix = "fddf:cb3b:bc4::/48"
- result = api.create_classifier_chain(a, b)
- self.session.add(a)
- self.session.add(b)
- self.session.add(result)
- self.session.commit()
+ b.destination_ip_prefix = 'fd70:fbb6:449e::/48'
+ b.source_ip_prefix = 'fddf:cb3b:bc4::/48'
+ result = api.create_classifier_chain(self.context, a, b)
+ self.assertIsNotNone(result)
+
+ def test_convert_security_group_rule_to_classifier(self):
+ sg_rule = {'direction': 'INGRESS',
+ 'protocol': 'tcp',
+ 'ethertype': 6,
+ 'tenant_id': 'fake_tenant',
+ 'port_range_min': 80,
+ 'port_range_max': 80,
+ 'remote_ip_prefix': 'fddf:cb3b:bc4::/48',
+ }
+ api.convert_security_group_rule_to_classifier(self.context, sg_rule)
+
+ def test_convert_firewall_rule_to_classifier(self):
+ firewall_rule = {'protocol': 'foo',
+ 'ip_version': 6,
+ 'source_ip_address': 'fddf:cb3b:bc4::/48',
+ 'destination_ip_address': 'fddf:cb3b:b33f::/48',
+ 'source_port': 80,
+ 'destination_port': 80,
+ 'position': 1,
+ 'action': 'ALLOW',
+ 'enabled': True
+ }
+ api.convert_firewall_rule_to_classifier(self.context, firewall_rule)
+
+ def test_convert_firewall_policy_to_classifier_chain(self):
+ pass
+
+ def test_convert_security_group_to_classifier_chain(self):
+ pass
+
+ def test_convert_classifier_chain_to_security_group(self):
+ pass
+
+ def test_convert_classifier_chain_to_firewall_policy(self):
+ pass
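Review bot: None of the added tests checks a result: `test_convert_security_group_rule_to_classifier` discards the returned group, `test_convert_firewall_rule_to_classifier` calls a function whose body is `pass` in this commit, and the four trailing tests are empty, so all of them pass whatever the conversion produces. Capturing the return value and asserting on it would pin the behaviour, e.g. `group = api.convert_security_group_rule_to_classifier(self.context, sg_rule)` followed by `self.assertEqual('security-group', group.service)`, and the unimplemented ones are better marked with `self.skipTest('not implemented')` than left green. The fixture values `'ethertype': 6` and `'protocol': 'foo'` also look like placeholders rather than values a real rule would carry, which is worth confirming. The hunk begins inside `test_create_classifier_chain`, whose start is outside it.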