What is UFW? You would think this is an easy question, but the more sources I read, the less clear it gets.
The acronym spells out to Uncomplicated FireWall, as though ufw actually implements a firewall itself. And indeed in many places it is referred to as a firewall per se, such as in this article.
The Ubuntu help wiki page on UFW says that UFW is a configuration tool for iptables. (In turn, the help wiki page on firewalls says that iptables is the database of firewall rules, and that it is also the actual firewall, as though a database is a firewall, which is obviously false. And of course 'iptables' is also the name of a program.)
If ufw is a configuration tool, then we might expect it to be a program that you run to configure something, and once done, you quit with the config having been established. That's the position of this question's accepted answer: Is Uncomplicated FireWall (ufw) a service?
But other answers on that question disagree — no, it's a service. And indeed on my 18.04 machine, I see that ufw is running as a service! Why the heck does a configuration tool run as a service?!
systemctl list-units --all --type=service shows
loaded and active (and also
ufw status shows
So what does ufw status = inactive mean?
That "the firewall" (whatever that is) is inactive? That's what the ufw man page doc for 'status' would suggest.
Or does it mean that the rules configured in ufw are inactive (but others configured in iptables are active)?
Or does it mean that ufw started on bootup, instated its rules into ipconfig (or wherever they go) so that they are now in effect, and now ufw has nothing to do so it's inactive?
Of particular interest: I want to follow some instructions that require issuing some iptables commands, but am concerned that they will conflict with, or be overwritten by, the ufw apparatus.