I have used this technique for a few years now so thought I should post it here as it doesn’t appear to break.
Last done on 2 plesk servers and a naked server (no control panel) this week all using various sub versions of Cent 6.x.
Replace XXX.XXX.XXX.XXX with the destination servers IP address.
WARNING: Use this technique at your own risk. Ensure that you have a way of getting to the server to turn the firewall off. For example a KVM.
sysctl net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination XXX.XXX.XXX.XXX:80 iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination XXX.XXX.XXX.XXX:25 iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination XXX.XXX.XXX.XXX:587 iptables -t nat -A PREROUTING -p tcp --dport 110 -j DNAT --to-destination XXX.XXX.XXX.XXX:110 iptables -t nat -A PREROUTING -p tcp --dport 465 -j DNAT --to-destination XXX.XXX.XXX.XXX:465 iptables -t nat -A PREROUTING -p tcp --dport 21 -j DNAT --to-destination XXX.XXX.XXX.XXX:21 iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to-destination XXX.XXX.XXX.XXX:143 iptables -t nat -A PREROUTING -p tcp --dport 993 -j DNAT --to-destination XXX.XXX.XXX.XXX:993 iptables -t nat -A PREROUTING -p tcp --dport 995 -j DNAT --to-destination XXX.XXX.XXX.XXX:995 iptables -t nat -A POSTROUTING -j MASQUERADE
Prior to doing this I create a file called server.html on both servers in the root web with “Old Server” and “New Server” as the contents so I can see what server is being served on the main domain name.
Note I don’t redirect SSH or Plesk as I need to be able to access these per server still.
Leave a Reply