All modern routers used in home networks do NAT by default. There are several unroutable IP ranges that they can use, although most will have IP addresses in the 192.168.*.* range for the local network.
All routers for home networks also have a built-in and inward-facing web server for configuration and status information, which you generally approach by typing “http://192.168.0.1/” or something similar into your web browser’s address bar ─ some use https instead of http.
ufw is a firewall. It blocks ports and/or IP ranges. NAT does not block ports or IP ranges ─ albeit that most routers do have a built-in firewall that you can activate via the web interface.
NAT takes traffic from any machine on your internal network that is intended for the internet, and then makes it appear to whatever server you’re connecting as if the traffic originates from the router’s public IP address. It then receives the reply and forwards it to the local machine that initiated the connection.
At no point will the external server on the internet know which local machine made the request, nor what subnet it is on, and even if it did, it wouldn’t be able to reach that machine, given that the subnet is unroutable. By this I mean that the IP address range used on your local network is not unique, just as that the IP address 127.0.0.1 will always point at the computer itself, on every computer, regardless of what operating system it uses.