Forum OpenACS Q&A: Web site connection problem

I am using cable modem at my home.  And I have setup a Linux
gateway/firewall (Redhat 6.2) to share the internet connection to my
home LAN.  Everything works fine.

Recently, I have setup a web site at one of my PC using AOLserver
(3.3+ad13) + PostgreSQL + OpenACS 3.2.5.  I also configure my gateway
to redirect port 80 requests to my web server.  But something strange
happens...

I find out that my site is reachable for users using direct
connection.  However, if the user is behind a firewall or NAT server,
he/she cannot reach my site.

I also find out that for the users that can reach my site, they can
ping and establish ssh connection to my gateway.  If the user is
behind a firewall/NAT server, my gateway is unreachable.  "Connection
Timeout" for ssh and telnet.  I am used to establish ssh connection
to other servers from my office, so I can sure that port 22 is not
blocked at my office.  But I fails to connect to the gateway at my
home from my office.

I think my web site configuration has no problem and the cause of the
problem maybe due to the gateway.  I am getting frustrated with it,
anyone can help?  Thanks in advance.

p.s. Maybe this thread is off-topic, but I have asked this question
in many newsgroups and this problem still unsolved.  I just do not
know how to fix it and hope that there will be some experts here can
help me.  I apologise for any inconvenience caused.

YES, I am using IP masq with ipchains under RH v6.2.  I will post my rc.firewall later today as I cannot reach my gateway at office, thanks.

Content of my rc.firewall:

/sbin/ipchains -F
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ

/sbin/ipchains -F
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ

EXTIP=`ifconfig eth0 | awk '/inet addr:/ { gsub(".*:", "", $2) ; print $2 }'`

/sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 80 -d $EXTIP/32 80 -j ACCEPT
/sbin/ipchains -A output -i eth0 -p tcp ! -y -s 192.168.0.100/32 80 -d 0.0.0.0/0 -j ACCEPT

/usr/sbin/ipmasqadm portfw -f

# The following ports are used by ICQ to receive files
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2000 -R 192.168.0.102 2000
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2001 -R 192.168.0.102 2001
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2002 -R 192.168.0.102 2002
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2003 -R 192.168.0.102 2003
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2004 -R 192.168.0.102 2004
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2005 -R 192.168.0.101 2005
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2006 -R 192.168.0.101 2006
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2007 -R 192.168.0.101 2007
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2008 -R 192.168.0.101 2008
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 2009 -R 192.168.0.101 2009

/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 80 -R 192.168.0.100 80

Two days before, something very strange happened. I have not done my configuration changes on my gateway, but I can connect to it from my office suddenly. During these two days, I had tried to connect to my gateway from office, sometimes fails but sometims success.

I really don't know what is going wrong, and the virtual domain of my site is bear.no-ip.com.

Hi Jun,

Firstly, thanks for your help.  But my problem is not related to my AOLserver.  The main problem now is that my gateway machine is unreachable outside my home LAN, even ping returns "request timeout".

After testing, I think that the problem is due to routing issue of my home LAN.  At my home, there are 1 gateway/firewall, 1 web server, and 3 PCs.  Yesterday, I found out that when all of my 3 PC was being turned off, my gateway was unreachable from outside.  Strangely, when I turned on any one of the PCs, my gateway was reachable again from machines outside my gateway/firewall.

Then I suspect that my problem is related to the routing policy of my gateway, am I right?  If so, what can I do?  Thanks in advance.