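Fixing ufw failing to activate when ufw and netfilter-persistent are both installed
After booting, ufw was always inactive. Docker is also installed on this machine. After searching online and checking locally, the cause turned out to be the netfilter-persistent service. The service list and the ufw status: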
$ sudo service --status-all |grep netfilter
[ + ] netfilter-persistent
$ sudo ufw status
Status: inactive
Confirm that ufw is enabled in its configuration
# /etc/ufw/ufw.conf
#
# Set to yes to start on boot. If setting this remotely, be sure to add a rule
# to allow your remote connection before starting ufw. Eg: 'ufw allow 22/tcp'
ENABLED=yes
# Please use the 'ufw' command to set the loglevel. Eg: 'ufw logging medium'.
# See 'man ufw' for details.
LOGLEVEL=low
Edit the ufw.service unit file
In /lib/systemd/system/ufw.service, add the line After=netfilter-persistent.service:
[Unit]
Description=Uncomplicated firewall
Documentation=man:ufw(8)
DefaultDependencies=no
Before=network.target
After=netfilter-persistent.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/lib/ufw/ufw-init start quiet
ExecStop=/lib/ufw/ufw-init stop
[Install]
WantedBy=multi-user.target
Reboot
$ sudo reboot
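
The following script is an added example, not part of the original post: it checks the two settings the steps above depend on (ENABLED=yes in ufw.conf and the After= ordering in the [Unit] section), and writes the same ordering as a systemd drop-in, because files under /lib/systemd/system belong to the package and an upgrade can replace them. The drop-in location /etc/systemd/system/ufw.service.d/override.conf and all function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Paths are parameters so the checks can be run on copies of the real files.

# Return 0 if ufw.conf contains an uncommented ENABLED=yes line.
ufw_enabled_on_boot() {   # $1: ufw.conf, normally /etc/ufw/ufw.conf
    grep -Eq '^[[:space:]]*ENABLED=yes[[:space:]]*$' "$1"
}

# Return 0 if any given unit file or drop-in lists
# netfilter-persistent.service in an After= line of its [Unit] section.
ordered_after_netfilter() {   # $@: unit file, then any drop-in .conf files
    [ "$#" -gt 0 ] || return 2
    awk '
        FNR == 1 { in_unit = 0 }                      # new file: no section yet
        /^[ \t]*\[/ { in_unit = ($0 ~ /^[ \t]*\[Unit\]/); next }
        in_unit && /^[ \t]*After[ \t]*=/ {
            sub(/^[^=]*=/, "")                        # keep only the unit list
            n = split($0, units)
            for (i = 1; i <= n; i++)
                if (units[i] == "netfilter-persistent.service") found = 1
        }
        END { exit !found }
    ' "$@"
}

# Write the ordering as a drop-in and print the path of the file written.
# The file name override.conf is a choice; systemd reads any *.conf there.
write_ordering_dropin() {   # $1: normally /etc/systemd/system/ufw.service.d
    mkdir -p "$1" || return 1
    printf '[Unit]\nAfter=netfilter-persistent.service\n' > "$1/override.conf" || return 1
    printf '%s\n' "$1/override.conf"
}

# Run both checks; return 0 only if both settings are in place.
check_ufw_boot() {   # $1: ufw.conf  $2: ufw.service  $3: drop-in directory
    conf=$1 unit=$2 dropin_dir=$3 rc=0
    set -- "$unit"
    for f in "$dropin_dir"/*.conf; do
        if [ -f "$f" ]; then set -- "$@" "$f"; fi
    done
    ufw_enabled_on_boot "$conf" || { echo "no ENABLED=yes in $conf"; rc=1; }
    ordered_after_netfilter "$@" ||
        { echo "ufw.service is not ordered after netfilter-persistent.service"; rc=1; }
    return "$rc"
}
```

On a live system the call is check_ufw_boot /etc/ufw/ufw.conf /lib/systemd/system/ufw.service /etc/systemd/system/ufw.service.d. After writing the drop-in as root, run systemctl daemon-reload or reboot as in the last step.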