Shoot, just signed up to say I have this exact problem with my self-hosted k3s cluster.
Just wanted to create a “secure” backyard cluster to test out stuff, but it’s really strange that it overlooks UFW rules.
I’m going to dive deeper than that, see what UFW does, and how Treafik is being affected by that.