I also ran into a really odd iptables problem... when I meshed in the second app server node using WireGuard, my egress filter rule was blocking outbound traffic on both hosts. After some fiddling, out of frustration, I flushed the rules out of iptables on both hosts - so no rules. And... iptables was still blocking the outbound traffic. I ended up having to reboot each host - and once I did that, things worked OK. Has anyone seen iptables go into zombie mode before?
@jerry
I once had problems because newer iptables on #debian is basically a compatibility layer using #nftables in the background. Flushing all rules with iptables would remove the nftables rules but not the #netfilter rules. I had to use iptables-legacy to flush the #netfilter rules.
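
Added example, not part of either post: a small shell check that summarises what each iptables backend still enforces, using the per-backend dump commands `iptables-legacy-save` and `iptables-nft-save`. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: check both iptables backends for rules that survive a flush.

# Reads iptables-save format on stdin, prints "<rules> <DROP policies>".
# Policies are counted separately because `iptables -F` does not reset them.
count_enforcing() {
    awk '
        /^-A /           { rules++ }     # one line per appended rule
        /^:[^ ]+ DROP /  { policies++ }  # built-in chain whose policy is DROP
        END { printf "%d %d\n", rules, policies }
    '
}

# Constructed sample dump of an egress filter (not taken from a real host).
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p udp --dport 51820 -j ACCEPT
COMMIT
EOF
}

# Dumps each backend on the live host and summarises it (needs root).
report_backends() {
    for backend in legacy nft; do
        cmd="iptables-${backend}-save"
        if ! command -v "$cmd" >/dev/null 2>&1; then
            echo "$backend: $cmd not installed"
            continue
        fi
        if dump=$("$cmd" 2>/dev/null); then
            echo "$backend: $(printf '%s\n' "$dump" | count_enforcing) (rules, DROP policies)"
        else
            echo "$backend: could not read ruleset (run as root)"
        fi
    done
}

if [ "${1:-}" = "live" ]; then
    report_backends
else
    sample_dump | count_enforcing   # prints "2 1" for the constructed sample
fi
```

Run with the argument `live` as root to inspect the host; `iptables -V` shows in parentheses which backend the plain `iptables` command is using.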