Ubuntu 20.10 Groovy proposed: systemd fails to start ufw.service

What is the output of: update-alternatives --query iptables ?

Name: iptables
Link: /usr/sbin/iptables
Slaves:
 iptables-restore /usr/sbin/iptables-restore
 iptables-save /usr/sbin/iptables-save
> What is the output of: update-alternatives --query iptables ?

Status: auto
Best: /usr/sbin/iptables-legacy
Value: /usr/sbin/iptables-legacy

Alternative: /usr/sbin/iptables-legacy
Priority: 20
Slaves:
 iptables-restore /usr/sbin/iptables-legacy-restore
 iptables-save /usr/sbin/iptables-legacy-save

Alternative: /usr/sbin/iptables-nft
Priority: 10
Slaves:
 iptables-restore /usr/sbin/iptables-nft-restore
 iptables-save /usr/sbin/iptables-nft-save

There's also some if servies failing (Related to network) not sure if this is related.

What is the output of: sudo /usr/share/ufw/check-requirements?

> What is the output of: sudo /usr/share/ufw/check-requirements?

Has python: pass (binary: python3, version: 3.8.5, py3)
Has iptables: pass

Has ip6tables: pass

Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass

This script will now attempt to create various rules using the iptables
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
Proceed with checks (Y/n)? Y
== IPv4 ==
Creating 'ufw-check-requirements'... iptables v1.8.4 (legacy): can't initialize iptables table `filter': Bad address
Perhaps iptables or your kernel needs to be upgraded.
ERROR: could not create 'ufw-check-requirements'. Aborting
FAIL: check your kernel and that you have iptables >= 1.4.0

My iptables version from dpkg: 1.8.4-3ubuntu:amd64

Does ufw start to work if you perform: sudo modprobe iptable_filter ip6table_filter ?

> Does ufw start to work if you perform: sudo modprobe iptable_filter ip6table_filter ?

After modprobe and systemctl enable:

modprobe: FATAL: Module systemctl not found in directory /lib/modules/5.8.0-12-generic

Sorry wrong command, this is the actual with: journalctl --follow:

Aug 06 15:36:16 kortewegdevries audit: PROCTITLE proctitle=6970367461626C65732D726573746F7265002D6E
Aug 06 15:36:16 kortewegdevries audit[44914]: NETFILTER_CFG table=filter family=10 entries=171 op=replace pid=44914 comm="ip6tables-resto"
Aug 06 15:36:16 kortewegdevries audit[44914]: SYSCALL arch=c000003e syscall=54 success=yes exit=0 a0=4 a1=29 a2=40 a3=55ddb63402a0 items=0 ppid=44778 pid=44914 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables-resto" exe="/usr/sbin/xtables-legacy-multi" key=(null)
Aug 06 15:36:16 kortewegdevries audit: PROCTITLE proctitle=6970367461626C65732D726573746F7265002D6E
Aug 06 15:36:16 kortewegdevries ufw-init[44918]: Problem running '/etc/ufw/before.rules'
Aug 06 15:36:16 kortewegdevries ufw-init[44918]: Problem running '/etc/ufw/after.rules'
Aug 06 15:36:16 kortewegdevries ufw-init[44918]: Problem running '/etc/ufw/user.rules'
Aug 06 15:36:16 kortewegdevries systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE
Aug 06 15:36:16 kortewegdevries systemd[1]: ufw.service: Failed with result 'exit-code'.
Aug 06 15:36:16 kortewegdevries systemd[1]: Failed to start Uncomplicated firewall.
Aug 06 15:36:16 kortewegdevries audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=ufw comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Aug 06 15:36:16 kortewegdevries sudo[44774]: pam_unix(sudo:session): session closed for user root
Aug 06 15:36:16 kortewegdevries audit[44774]: USER_END pid=44774 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
Aug 06 15:36:16 kortewegdevries audit[44774]: CRED_DISP pid=44774 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'

systemctl:

Job for ufw.service failed because the control process exited with error code.
See "systemctl status ufw.service" and "journalctl -xe" for details.

Don't mind this:

> modprobe: FATAL: Module systemctl not found in directory /lib/modules/5.8.0-12-generic

Accidentally pressed up key and ran "sudo modprobe systemctl enable ufw"

Status:

● ufw.service - Uncomplicated firewall
     Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2020-08-06 15:42:07 UTC; 33s ago
       Docs: man:ufw(8)
    Process: 45273 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=1/FAILURE)
   Main PID: 45273 (code=exited, status=1/FAILURE)

Aug 06 15:42:07 kortewegdevries ufw-init[45308]: Try `iptables-restore -h' or 'iptables-restore --help'>
Aug 06 15:42:07 kortewegdevries ufw-init[45311]: iptables-restore v1.8.4 (legacy): iptables-restore: un>
Aug 06 15:42:07 kortewegdevries ufw-init[45311]: Error occurred at line: 1
Aug 06 15:42:07 kortewegdevries ufw-init[45311]: Try `iptables-restore -h' or 'iptables-restore --help'>
Aug 06 15:42:07 kortewegdevries ufw-init[45413]: Problem running '/etc/ufw/before.rules'
Aug 06 15:42:07 kortewegdevries ufw-init[45413]: Problem running '/etc/ufw/after.rules'
Aug 06 15:42:07 kortewegdevries ufw-init[45413]: Problem running '/etc/ufw/user.rules'
Aug 06 15:42:07 kortewegdevries systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAI>
Aug 06 15:42:07 kortewegdevries systemd[1]: ufw.service: Failed with result 'exit-code'.
Aug 06 15:42:07 kortewegdevries systemd[1]: Failed to start Uncomplicated firewall.
lines 1-17/17 (END)

This appears to be: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1891020

Hi, not sure if this is a duplicate,in my case lsmod shows, that iptable modules are loaded but ufw fails to start still.

lsmod|grep table

iptable_filter 16384 0
ip6table_filter 16384 1
ip6_tables 32768 53 ip6table_filter
ip_tables 32768 1 iptable_filter
x_tables 45056 12
ip6table_filter,xt_conntrack,iptable_filter,xt_LOG,xt_tcpudp,xt_recent,ip6t_rt,ip6_tables,ip_tables,xt_limit,xt_hl,ip6t_REJECT

I'm now on systemd 246-2ubuntu1,Ubuntu 5.8.0-12.13-generic 5.8.0-rc7,ufw 0.36-6,grub 2.04-1ubuntu28.

I tried to attach SYSTEMD_LOG_LEVEL=debug to ufw and restart it with journalctl --follow. Notably between the message "Try `iptables-restore -h' or 'iptables-restore --help' for more information.", the kernel reports "bpfilter write fail -22" multiple times.