lo ate my ip address

That configuration doesn't look correct; surely you only want to masquerade packets which are leaving on certain interfaces (e.g., -o eth0), and not _every_ packet leaving the system. Try fixing that, and see if the problem goes away.

Of course, a working configuration (even an incorrect one) shouldn't be affected by a security update if we can help it. Did you verify that booting the old kernel restored the old behaviour?

Thanks,

Please note that while this setup is not "recommended", it is still a valid setup.

I've tried the old 2.6.20-15-generic kernel as you suggested and found it behaves the same: "lo ate my ip address" surprising me and wondering why didn't I notice this before. So, _it seems this is not a 2.6.20-16-generic related bug_.

I found what the problem seems to be. When ubuntu starts, it has no ip address 'assigned' to the interface, just the alias eth0:avahi. Example from runlevel 1:
root@amartoq-dell:~# iptables -t nat -A POSTROUTING -o lo -j MASQUERADE
root@amartoq-dell:~# ip a
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:11:43:77:2a:1d brd ff:ff:ff:ff:ff:ff
    inet 169.254.3.54/16 brd 169.254.255.255 scope link eth0:avahi
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:12:f0:3a:2b:c0 brd ff:ff:ff:ff:ff:ff
    inet 169.254.7.13/16 brd 169.254.255.255 scope link eth1:avahi
root@amartoq-dell:~# ping -c 1 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
ping: sendmsg: Operation not permitted

If you add an ip (maybe from dhcp), it works again.

root@amartoq-dell:~# ip a add 1.2.3.4/32 dev eth0
root@amartoq-dell:~# ip a
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:11:43:77:2a:1d brd ff:ff:ff:ff:ff:ff
    inet 1.2.3.4/32 scope global eth0
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:12:f0:3a:2b:c0 brd ff:ff:ff:ff:ff:ff
    inet 169.254.7.13/16 brd 169.254.255.255 scope link eth1:avahi
root@amartoq-dell:~# !ping
ping -c 1 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.050 ms

--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.050/0.050/0.050/0.000 ms

I'm compiling/checking with new/old kernels to see if this thing has been around. I'm kind of sure I've been totally unplugged before and didn't happened this to me.

Thanks for your time,

Thanks for taking the time to report this bug and helping to make Ubuntu better. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

Beginning with the Hardy Heron 8.04 development cycle, all open Ubuntu kernel bugs need to be reported against the "linux" kernel package. We are automatically migrating this bug to the new "linux" package. However, development has already began for the upcoming Intrepid Ibex 8.10 release. It would be helpful if you could test the upcoming release and verify if this is still an issue - http://www.ubuntu.com/testing . If the issue still exists, please update this report by changing the Status of the "linux" task from "Incomplete" to "New". We appreciate your patience and understanding as we make this transition. Thanks!

The Ubuntu Kernel Team is planning to move to the 2.6.27 kernel for the upcoming Intrepid Ibex 8.10 release. As a result, the kernel team would appreciate it if you could please test this newer 2.6.27 Ubuntu kernel. There are one of two ways you should be able to test:

1) If you are comfortable installing packages on your own, the linux-image-2.6.27-* package is currently available for you to install and test.

--or--

2) The upcoming Alpha5 for Intrepid Ibex 8.10 will contain this newer 2.6.27 Ubuntu kernel. Alpha5 is set to be released Thursday Sept 4. Please watch http://www.ubuntu.com/testing for Alpha5 to be announced. You should then be able to test via a LiveCD.

Please let us know immediately if this newer 2.6.27 kernel resolves the bug reported here or if the issue remains. More importantly, please open a new bug report for each new bug/regression introduced by the 2.6.27 kernel and tag the bug report with 'linux-2.6.27'. Also, please specifically note if the issue does or does not appear in the 2.6.26 kernel. Thanks again, we really appreicate your help and feedback.

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!