Problem is that after reboot ufw does not persist as enabled.
Anyway I’ve found the problem - Kernel doesn’t support logging - see ufw’s bug tracker:
Expecting Kahda’s Kernel 4.9 might have the same problem I have disabled logging:
sudo ufw logging off
And also because I have disabled IPv6, I needed to disable IPv6 in ufw config too:
sudo nano /etc/default/ufw
And set:
IPV6=no
Now enabling ufw gives no error:
khadas@gytis-vim1:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
And persists after reboot:
khadas@gytis-vim1:~$ sudo ufw status
[sudo] password for khadas:
Status: active
Downside is having no ufw logs. If anyone who has experience with Kernel modules could check what’s missing, would be great 