1 files changed, 30 insertions, 0 deletions

diff --git a/lib/netfilter/ct.c b/lib/netfilter/ct.c
index 130f4b1..04f9d01 100644
--- a/lib/netfilter/ct.c
+++ b/lib/netfilter/ct.c
@@ -35,11 +35,19 @@ static uint64_t ntohll(uint64_t x)
 {
 	return x;
 }
+static uint64_t htonll(uint64_t x)
+{
+	return x;
+}
 #elif __BYTE_ORDER == __LITTLE_ENDIAN
 static uint64_t ntohll(uint64_t x)
 {
 	return bswap_64(x);
 }
+static uint64_t htonll(uint64_t x)
+{
+	return bswap_64(x);
+}
 #endif
 
 static struct nla_policy ct_policy[CTA_MAX+1] = {
@@ -520,9 +528,31 @@ static int nfnl_ct_build_message(const struct nfnl_ct *ct, int cmd, int flags,
 	if ((err = nfnl_ct_build_tuple(msg, ct, 0)) < 0)
 		goto err_out;
 
+	/* REPLY tuple is optional, dont add unless at least src/dst specified */
+
+	if ( nfnl_ct_get_src(ct, 1) && nfnl_ct_get_dst(ct, 1) )
+		if ((err = nfnl_ct_build_tuple(msg, ct, 1)) < 0)
+			goto err_out;
+
+	if (nfnl_ct_test_status(ct))
+		NLA_PUT_U32(msg, CTA_STATUS, htonl(nfnl_ct_get_status(ct)));
+
+	if (nfnl_ct_test_timeout(ct))
+		NLA_PUT_U32(msg, CTA_TIMEOUT, htonl(nfnl_ct_get_timeout(ct)));
+
+	if (nfnl_ct_test_mark(ct))
+		NLA_PUT_U32(msg, CTA_MARK, htonl(nfnl_ct_get_mark(ct)));
+
+	if (nfnl_ct_test_id(ct))
+		NLA_PUT_U32(msg, CTA_ID, htonl(nfnl_ct_get_id(ct)));
+
+	if (nfnl_ct_test_zone(ct))
+		NLA_PUT_U16(msg, CTA_ZONE, htons(nfnl_ct_get_zone(ct)));
+
 	*result = msg;
 	return 0;
 
+nla_put_failure:
 err_out:
 	nlmsg_free(msg);
 	return err;