So turning it off using the application doesn't turn off the GUFW System Firewall?
GUFW can be used to control your firewall. But it is not the firewall itself. GUFW is kind of like a control panel for UFW/iptables. It's a graphical frontend to allow you to easily configure and start/stop/restart your firewall.
If you open GUFW and turn the firewall OFF - then your systems firewall will be turned OFF and will not be restarted until you open GUFW again and select the option to restart the firewall.
But if you open GUFW and turn the firewall ON - exiting GUFW does NOT kill the firewall, it just exits GUFW.
So after starting the firewall, it will continue to run. Even when you restart your machine - From a fresh reboot - the firewall (iptables/UFW) WILL be started and ran.
But GUFW will NOT run until you choose to run it. Sure - you could set it up to run on startup if you wanted - but you don't need to. So what would be the point? That would be like a Windows user auto-starting control panel every time they logged into their PC. Normally, you'd only access control panel when you needed to. You wouldn't expect it to be running as soon as you reboot/log in!
So you don't need GUFW running at startup.
You only need to run GUFW when you want to enable, or disable the firewall, or to modify/add/remove firewall rules.
Typically after installing GUFW, you would run GUFW once, set up any additional firewall rules that you want and then enable the firewall, before exiting GUFW. Most users can just use the default set of rules and simply start the firewall. And that is it!
Exiting/ending GUFW will NOT kill the systems firewall, it will just kill GUFW. Unless you chose to disable the firewall before exiting GUFW - in which case - the firewall will be disabled until the next time you run GUFW and enable it.
I know in Windows you have these huge suites of security software constantly running in the background at startup and sitting in the sys-tray, hogging resources. So you might be expecting something similar in Linux. But GUFW isn't one of those sorts of programs. It is literally like a glorified on/off switch for your firewall!
Does that make sense?
BTW: Apologies if any of my post sounds like I'm ranting, or being sarcastic - I'm not trying to sound like a pompous arse - I'm just trying to explain as clearly and unambiguously as I can! :/