xt_socket module no longer enabled in stretch #2905
Description
I updated one of my 3b units to stretch, and my transparent proxy stopped working because the xt_socket iptables module is no longer enabled in the kernel configuration. This used to work on jessie (see below).
Could you set CONFIG_NETFILTER_XT_MATCH_SOCKET=m again like we had in 4.9? It's only 10k of code.
============
On jessie:
$ dmesg | grep Machine
[ 0.000000] OF: fdt:Machine model: Raspberry Pi 3 Model B Rev 1.2
$ uname -sr
Linux 4.9.35-v7+
$ zcat /proc/config.gz | grep MATCH_SOCKET
CONFIG_NETFILTER_XT_MATCH_SOCKET=m
$ ls -l /lib/modules/uname -r/kernel/net/netfilter/xt_socket.ko
-rw-r--r-- 1 root root 10348 Jul 3 2017 /lib/modules/4.9.35-v7+/kernel/net/netfilter/xt_socket.ko
On stretch:
$ dmesg | grep Machine
[ 0.000000] OF: fdt: Machine model: Raspberry Pi 3 Model B Rev 1.2
$ uname -sr
Linux 4.14.98-v7+
$ zcat /proc/config.gz | grep MATCH_SOCKET
$ ls -l /lib/modules/uname -r/kernel/net/netfilter/xt_socket.ko
ls: cannot access '/lib/modules/4.14.98-v7+/kernel/net/netfilter/xt_socket.ko': No such file or directory