From 6361fd377416593322a9b5ee8e8c867d70754e03 Mon Sep 17 00:00:00 2001
From: dangeist <dan@polter.net>
Date: Wed, 12 Sep 2018 14:47:45 -0400
Subject: [PATCH] Allow alternate binaries for iptables input plugin. (#4682)

---
 etc/telegraf.conf                   |  2 ++
 plugins/inputs/iptables/README.md   |  2 ++
 plugins/inputs/iptables/iptables.go | 11 ++++++++++-
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/etc/telegraf.conf b/etc/telegraf.conf
index 9315aa457..11842e7e1 100644
--- a/etc/telegraf.conf
+++ b/etc/telegraf.conf
@@ -2004,6 +2004,8 @@
 #   ## Setting 'use_lock' to true runs iptables with the "-w" option.
 #   ## Adjust your sudo settings appropriately if using this option ("iptables -wnvl")
 #   use_lock = false
+#   ## Define an alternate executable, such as "ip6tables". Default is "iptables".
+#   # binary = "ip6tables"
 #   ## defines the table to monitor:
 #   table = "filter"
 #   ## defines the chains to monitor.
diff --git a/plugins/inputs/iptables/README.md b/plugins/inputs/iptables/README.md
index 527723f09..03bf784e6 100644
--- a/plugins/inputs/iptables/README.md
+++ b/plugins/inputs/iptables/README.md
@@ -45,6 +45,8 @@ Defining multiple instances of this plugin in telegraf.conf can lead to concurre
   use_sudo = false
   # run iptables with the lock option
   use_lock = false
+  # Define an alternate executable, such as "ip6tables". Default is "iptables".
+  # binary = "ip6tables"
   # defines the table to monitor:
   table = "filter"
   # defines the chains to monitor:
diff --git a/plugins/inputs/iptables/iptables.go b/plugins/inputs/iptables/iptables.go
index 01041fcc1..21f6642a9 100644
--- a/plugins/inputs/iptables/iptables.go
+++ b/plugins/inputs/iptables/iptables.go
@@ -17,6 +17,7 @@ import (
 type Iptables struct {
 	UseSudo bool
 	UseLock bool
+	Binary  string
 	Table   string
 	Chains  []string
 	lister  chainLister
@@ -38,6 +39,8 @@ func (ipt *Iptables) SampleConfig() string {
   ## Setting 'use_lock' to true runs iptables with the "-w" option.
   ## Adjust your sudo settings appropriately if using this option ("iptables -wnvl")
   use_lock = false
+  ## Define an alternate executable, such as "ip6tables". Default is "iptables".
+  # binary = "ip6tables"
   ## defines the table to monitor:
   table = "filter"
   ## defines the chains to monitor.
@@ -70,7 +73,13 @@ func (ipt *Iptables) Gather(acc telegraf.Accumulator) error {
 }
 
 func (ipt *Iptables) chainList(table, chain string) (string, error) {
-	iptablePath, err := exec.LookPath("iptables")
+	var binary string
+	if ipt.Binary != "" {
+		binary = ipt.Binary
+	} else {
+		binary = "iptables"
+	}
+	iptablePath, err := exec.LookPath(binary)
 	if err != nil {
 		return "", err
 	}