@uda
Last active August 29, 2015 14:01
port-nat - redirects every available port on the server to the web server, so that a scan from elsewhere shows which ports are blocked or closed on the way.
#!/bin/bash
# port-nat.sh: redirect every TCP port in PSTART..PEND (except the ones listed
# in PORTS) to the local web server, so a remote scan shows which ports the
# client side lets through. Run as root on the target server.
set -e
IFACE=eth0        # interface the scans arrive on
TARGET=80         # port the redirected traffic is delivered to
PORTS=(22 80 443) # ports to leave untouched; must be sorted ascending
PSTART=20
PEND=1000
case "$1" in
start)
# Note: flushing the nat table also removes any NAT rules that do not belong
# to this script.
iptables -t nat -F
iptables -t nat -X
for PORT in "${PORTS[@]}"
do
    # Redirect the gap before each excluded port. Skip empty gaps such as
    # 20:19 (adjacent excluded ports), which iptables rejects as an invalid
    # port range.
    if [ "$PSTART" -le $(( PORT - 1 )) ]; then
        iptables -t nat -A PREROUTING -i "$IFACE" -p tcp --dport "${PSTART}:$(( PORT - 1 ))" -j REDIRECT --to-port "$TARGET"
    fi
    PSTART=$(( PORT + 1 ))
done
# Redirect whatever is left after the last excluded port.
if [ "$PSTART" -le "$PEND" ]; then
    iptables -t nat -A PREROUTING -i "$IFACE" -p tcp --dport "${PSTART}:${PEND}" -j REDIRECT --to-port "$TARGET"
fi
iptables -L -t nat --line-numbers
;;
stop)
iptables -t nat -F
iptables -t nat -X
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
exit 0
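The loop above only works if PORTS is sorted and contains no adjacent or out-of-range entries; otherwise it hands iptables an inverted range. As an added example (not part of the gist), the function below computes the same complement ranges for an arbitrary exclusion list, sorting and de-duplicating it, dropping ports outside the window, and never emitting an empty range, and prints the resulting iptables rules as a dry run instead of applying them. The function names, the interface name and the port window are illustrative choices, not something the gist defines.

```shell
#!/bin/bash
# Added example, not the gist's code: compute the port ranges that port-nat.sh
# would redirect and print the rules without touching the firewall.

# port_ranges START END PORT...  -> prints "a:b" ranges, space-separated,
# covering START..END minus the listed ports.
port_ranges() {
    local start=$1 end=$2
    shift 2
    local out="" next=$start p
    # Sort numerically and drop duplicates, so the caller may pass the
    # exclusions in any order.
    for p in $(printf '%s\n' "$@" | sort -n -u); do
        if [ "$p" -lt "$start" ]; then
            continue            # below the window: nothing to cut out
        fi
        if [ "$p" -gt "$end" ]; then
            break               # above the window: sorted, so we are done
        fi
        # Emit the gap before p only if it holds at least one port; adjacent
        # exclusions would otherwise give an inverted range like 20:19.
        if [ "$next" -le $((p - 1)) ]; then
            out="$out $next:$((p - 1))"
        fi
        next=$((p + 1))
    done
    # Whatever remains after the last exclusion, if anything.
    if [ "$next" -le "$end" ]; then
        out="$out $next:$end"
    fi
    printf '%s\n' "${out# }"
}

# emit_rules IFACE TARGET_PORT START END PORT...  -> prints one REDIRECT rule
# per range, in the same form port-nat.sh uses.
emit_rules() {
    local iface=$1 target=$2 start=$3 end=$4
    shift 4
    local r
    for r in $(port_ranges "$start" "$end" "$@"); do
        printf 'iptables -t nat -A PREROUTING -i %s -p tcp --dport %s -j REDIRECT --to-port %s\n' \
            "$iface" "$r" "$target"
    done
}

# Dry run with the gist's defaults: eth0, target port 80, window 20..1000,
# leaving 22, 80 and 443 alone.
emit_rules eth0 80 20 1000 22 80 443
```

With the defaults this prints four rules covering 20:21, 23:79, 81:442 and 444:1000, exactly what port-nat.sh installs; pass the exclusions unsorted, duplicated or outside the window and the output stays valid.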
#!/bin/bash
# scan-ports.sh: attempt a TCP connect to every port in PSTART..PEND on IP and
# report the ones that cannot be reached. Run it from the network you want to
# test, not on the server itself: the NAT rules in port-nat.sh only apply to
# traffic arriving on eth0, so the 127.0.0.1 default only tells you what the
# local machine is listening on.
IP=${1:-127.0.0.1}
PSTART=${2:-20}
PEND=${3:-1000}
for PORT in $(seq "$PSTART" "$PEND")
do
    # -z: connect without sending data; -w1: give up after one second.
    # Treat any non-zero status as unreachable (not only 1, since nc variants
    # differ in their exit codes). This does not distinguish "closed" (RST
    # received) from "filtered" (no answer at all); "blocked" covers both.
    if ! nc -z -w1 "$IP" "$PORT" >/dev/null 2>&1
    then
        echo "port $PORT blocked"
    fi
done

uda commented May 15, 2014

Put port-nat.sh on the target server.
Change the settings if needed.
Run ./port-nat.sh start to set the rules and ./port-nat.sh stop to remove the rules.
From your location, run ./scan-ports.sh SERVER_IP START_PORT END_PORT to run the scan against the now-open ports on your server and get a list of blocked or closed ports.
