In my opinion something is completely wrong with my 2.4.23 kernel. I just used another server of mine to reproduce the same situation. For this purpose I compiled a completely new 2.4.23 kernel with advanced routing and netfilter and whatever support, and installed fresh versions of the iptables and iproute2 packages with the Debian system (using 'stable'). Because the host only has 1 ethernet interface, I used a ppp-over-ssh tunnel to simulate routing behaviour.

In just plain routing mode everything was fine; packets were routed from the LAN through the ppp tunnel and back. Then I added a firewall rule "iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE". Is anything wrong with it?? Well, to make it short: it changed nothing. Packets still get un-masqueraded out of ppp0 with local LAN IPs.

I really don't understand that. Kernel new, iptables new, iproute new. No modules, all network stuff statically built in. And it's the 2nd server which shows strange behaviour with this configuration. Can't believe it's a problem with me. I'm just downloading the 2.4.24 kernel source and will try with that kernel.