I get this from time to time on Debian systems, and it always takes me a while to track down the problem. It usually has to do with the ipmasq package. I am generally able to correct the situation by running `sudo /etc/init.d/ipmasq restart`. I believe ipmasq is being started before my second interface is up, and is thus creating some Bad Rules.
ipmasq is also responsible for being overwhelmed with messages like the following (currently I’m unable to stop these):
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:60:9f:90:48:16:08:00 SRC=18.104.22.168 DST=22.214.171.124 LEN=85 TOS=0x00 PREC=0x00 TTL=64 ID=10481 PROTO=UDP SPT=1024 DPT=1319 LEN=65
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:60:9f:90:38:56:08:00 SRC=126.96.36.199 DST=188.8.131.52 LEN=85 TOS=0x00 PREC=0x00 TTL=64 ID=17141 PROTO=UDP SPT=1025 DPT=1319 LEN=65
IN=eth0 OUT= MAC=00:1a:a0:84:b5:76:00:17:f2:c8:51:96:08:00 SRC=184.108.40.206 DST=220.127.116.11 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=22751 PROTO=ICMP TYPE=8 CODE=0 ID=26883 SEQ=499
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:7e:0c:87:08:00 SRC=18.104.22.168 DST=255.255.255.255 LEN=590 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=2160 DPT=3052 LEN=570