My workstation has 3 NICs on it. The onboard NIC, eth0, is a Realtek device. The other NICs (eth1 and eth2) are on an Intel dual-NIC PCIe plug-in card.
I use eth0 for my internet connection. The other 2 are used for various development purposes. Usually my workstation is configured as a router, and I will connect eth1 and eth2 to eth0 using iptables with SNAT. Historically this has worked fine and allows me to conveniently examine packets as they flow through my machine, while giving me full control over the interfaces, which is really helpful during some of my development.
As I write this, I have a device with 2 WANs connected to eth1 and eth2 (one WAN to each connection) and each WAN is pinging a different DNS server.
Also as I write this, I have no rules connecting eth1 or eth2 to eth0. There are no bridges defined (by me, anyway). Traffic from that device into these nics should go nowhere.
Nonetheless, pings from the device connected to eth1 and eth2 are going out eth0, with no NAT. In fact, my iptables rules at this time are having no effect at all on these NICs. I have even killed ALL my firewall rules, which results in all my internet traffic being killed, except for these pings. Both NICs are bridged to eth0; I didn't do it, I see nowhere where this shows, and I don't know how to stop it short of a reboot (which I will do in a few minutes). When I take down the interfaces, the pings stop. When I bring them back up and assign IP addresses, the pings promptly resume.
There are a couple of host-only virtual LANs running in this workstation. This is how I control Windows VMs mostly. These host-only VMs are working as expected; I can allow and deny access to the internet by using iptables rules. Only the physical NICs have gone crazy.
I am assuming that the Great, the Wonderful, systemd is doing something. But I have no idea what.
Does anyone here have any idea what might be causing this?