Added StructuredStats method to returned structured stat data

[asilvr]

This additional method maintains the currently available Stats method while adding a StructuredStats method, which returns structured data instead of a slice of string slices with statistics. This allows the caller to use a defined data structure for accessing fields in a specific statistic.

Although a caller could peer into the existing Stats method to determine what each field is, providing this abstraction allows for more portability/usability.

[squeed]

Is it possible that this will ever be 11? In other words, could iptables add new stats?

[asilvr]

I don't think this is likely, but it is possible.

I can omit this check and instead leave it to the parsing (mentioned below) to handle returning an error if the datatypes are mismatched or the number of fields is not within the expected range.

[asilvr]

I moved this check into the ParseStat method, but made it a minimum of 10 stats in a row to allow for forward compatibility.

[squeed]

Can you parse all numbers accordingly?

[asilvr]

Good catch. I will make this change.

[squeed]

I suggest you add a separate ParseStats function that just takes a []string and parses the stats accordingly.

[asilvr]

I originally was going to do exactly that. The only issue I foresee is that exposing a ParseStats method that accepts an arbitrary []string (or [][]string) may be subject to misuse.

Anyway, two questions I'm looking for your feedback on:

1. I can make a ParseStat(stat []string) (Stat, error) and/or a ParseStats(stats [][]string) ([]Stat, error). Any preference for either or both?

2. Would you like me to remove StructuredStats(table, chain string) ([]Stat, error) completely?

[asilvr]

BTW, I pushed up a contribution with ParseStat(stat []string) (Stat, error) and left StructuredStats(table, chain string) ([]Stat, error) for now pending feedback.

[squeed]

I forget - can these be hostnames, or do they have to be IP addresses? If they have to be IP addresses, can you parse them accordingly?

[asilvr]

The method Stats(...) uses the -n flag. From the man pages:

--numeric -n numeric output of addresses and ports

This shows the source and destination in CIDR format. Below is some output:

$ iptables --version
iptables v1.4.21
$ iptables -t filter -L INPUT -n -v -x
Chain INPUT (policy ACCEPT 12 packets, 857 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       2      128 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3332
$ iptables -t filter -L INPUT  -v -x
Chain INPUT (policy ACCEPT 43 packets, 3073 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       2      128 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:mcs-mailsvr

From this, we know it will be CIDR notation IP addresses.

We can call this struct NumericalStats to be more accurate. Since it's already granular, I don't think this is necessary.

[squeed]

FYI, I won't have computer access for a few weeks. So apologies in advance for the radio silence.

[asilvr]

Hi @squeed, just a friendly request to revisit this if appropriate. Thanks!

[squeed]

@asilvr sorry, this fell off the stack. Looks good to me!