...
If you insist on using UFW, make sure to change the setting to not drop forwarded packets. I will revisit this later as I do like UFW. Perhaps I can ask the developers to make port forwarding more straight-forward.
Installing UFW Also, firewalls as I understand work at the kernel level. So you should not be installing UFW or even IP Tables inside of a container is fine and has no issues.. Again, will revisit this topic.
Port Forwarding using IP Tables
You might want to use one IP Address on the host and then map specific ports out from the containers. As a pre-requisite you will need to setup Static LXC Assigned IP address.
...