First, thanks for answering and Happy New Year!
Yes, I did set up the server myself, and have rebooted at least once since this started happening. If I recall it was worse before the reboot, then it seemed to not allow anyone online, now it blocks just one computer, or only a few. My first concern of course is fixing it, but there is a bigger long term question about security and reliability: Since both these seemingly false routes and entries in hosts.deny blocking some of the same addresses like 192.168.31.2 appeared at the same time, is it likely it was hacked? I took all sorts of precautions, like using ssh (never telnet), restricting webmin to only being administered by certain known IP addresses, etc. In fact I've checked the output of last, which shows nothing suspicious, and installed portsentry to guard against attempts at hacking, and I'm almost beginning to think it was one of my precautions that automatically blocked this stuff in an overzealous attempt to protect itself.
Output of ls -la /etc/network/if-up.d
$ ls -la /etc/network/if-up.d
drwxr-xr-x 2 root root 4096 2006-12-21 10:29 .
drwxr-xr-x 6 root root 4096 2006-11-30 17:58 ..
-rwxr-xr-x 1 root root 1386 2006-05-23 03:39 mountnfs
-rwxr-xr-x 1 root root 551 2006-05-28 19:48 ntpdate
-rwxr-xr-x 1 root root 157 2006-05-28 19:48 ntp-server
-rwxr-xr-x 1 root root 1120 2006-06-08 01:22 postfix
I guess in your next question is about /etc/network/interfaces, because there is no networking in /etc.
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo eth1 eth0
iface lo inet loopback
# The primary network interface
iface eth1 inet static
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 126.96.36.199 188.8.131.52 184.108.40.206
iface eth0 inet static
pre-up iptables-restore < /etc/iptables.up.rules