Sorted out the issue. I've got systemd to also wait for ufw to load when starting fail2ban.
Fail2ban issues a many iptables commands in rapid succession and then it's database of banned IPs is large it takes a considerable amount of time for the firewall to be initialised. In the meanwhile anything issuing iptables commands quite likely fail as is it not possible to have more than one instance of iptables active at any one time. ufw script completes its tasks quickly so makes sense to force that service to start before the fail2ban service. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956029 Title: ufw remains inactive at boot time To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1956029/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs