...

I actually use both techniques together.

UFW

UFW in the Host

UFW is a great simple firewall, but at this point I do not recommend installing on your host. First, port forwarding is overly complex and seems like a hack versus it being very simple with IP Tables. 

If you insist on using UFW, make sure to change the setting to not drop forwarded packets. I will revisit this later as I do like UFW. Perhaps I can ask the developers to make port forwarding more straight-forward.

UFW in a Container

Also, firewalls as I understand work at the kernel level. So you should not be installing UFW or even IP Tables inside of a container for now. Again,

I will revisit this topic ,but believe it is due to modules not loading inside of containers /etc/modules and the container not being able to modify it.

 sudo ufw allow 22
ERROR: initcaps
[Errno 2] modprobe: ERROR: ../libkmod/libkmod.c:556 kmod_search_moddep() could not open moddep file '/lib/modules/3.13.0-57-generic/modules.dep.bin'
ip6tables v1.4.21: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

...