assuming you have ethereal or wireshark(console versions of both)
Code:
tethereal/tshark -i any -f 'host x.x.x.x and host y.y.y.y'
y.y.y.y should be the IP of your good interface, x.x.x.x above relates to your bad interface.
Watch that for a few minutes to see if the machine is making requests to the server, if so you might be able to go more verbose and see what exactly it's passing. Maybe it's a rouge heartbeat app of some kind(do you run any network process monitor app).
Blocking all except icmp on x.x.x.x isn't going to work as this is outbound trafic, your log is telling you that x.x.x.x is trying to connect to your other IP, and the reply from your other IP is getting dropped on the way back thanks to your iptables script.
You could also try
Code:
iptables -A OUTPUT -o <interface> -s x.x.x.x -d y.y.y.y -p tcp --dport 22 -j LOG
iptables -A OUTPUT -o <interface> -s x.x.x.x -d y.y.y.y -p tcp --dport 22 -j DROP
If something breaks, you've just found your culprit(and have kernel logs to see a little more info).