I am having some issues with my internal IP's being leaked through my gateway, to a few specific IP addresses. I have tried both "rolling my own" iptables setup (very simple, only port 80 open, using either masquerade or SNAT), as well as the ipkungfu script, and see the issue across either way, and even on multiple machines/distros. The issue in question occurs when visiting http://forums.corvetteforum.com. One of their "ad" suppliers has the ip address, 66.110.24.220. Connections to this IP are leaving my external device with my internal IP. This was verified both from logs from my network admin's router, as well as by using ethereal on the gateway machine, and analyzing eth1 (external device) for any packets leaving with a source of 192.168.2.0/24. I only see connections to this particular IP with the internal address (every thing else leaves with the correct, external IP). For now, I have simply banned this IP, but I am afraid it may start occuring elsewhere, and the network admin has threatened to kick this box off the network if it happens again. Is there a rule to disallow any outgoing network connection with an internal IP? Why would masquerading be allowing this? I am pretty confused. I am currently running Mandriva 2006, with the 2.6.12 kernel, and would be happy to supply any other info that may be necessary to solve this. -Mark
