diff --git a/expr/ct.go b/expr/ct.go
index 1a0ee68..689a0b2 100644
--- a/expr/ct.go
+++ b/expr/ct.go
@@ -61,6 +61,7 @@ type Ct struct {
 	Register       uint32
 	SourceRegister bool
 	Key            CtKey
+	Direction      uint32
 }
 
 func (e *Ct) marshal(fam byte) ([]byte, error) {
@@ -91,6 +92,19 @@ func (e *Ct) marshal(fam byte) ([]byte, error) {
 	}
 	exprData = append(exprData, regData...)
 
+	switch e.Key {
+	case CtKeySRC, CtKeyDST, CtKeyPROTOSRC, CtKeyPROTODST:
+		regData, err = netlink.MarshalAttributes(
+			[]netlink.Attribute{
+				{Type: unix.NFTA_CT_DIRECTION, Data: binaryutil.BigEndian.PutUint32(e.Direction)},
+			},
+		)
+		if err != nil {
+			return nil, err
+		}
+		exprData = append(exprData, regData...)
+	}
+
 	return netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_EXPR_NAME, Data: []byte("ct\x00")},
 		{Type: unix.NLA_F_NESTED | unix.NFTA_EXPR_DATA, Data: exprData},
@@ -109,6 +123,8 @@ func (e *Ct) unmarshal(fam byte, data []byte) error {
 			e.Key = CtKey(ad.Uint32())
 		case unix.NFTA_CT_DREG:
 			e.Register = ad.Uint32()
+		case unix.NFTA_CT_DIRECTION:
+			e.Direction = ad.Uint32()
 		}
 	}
 	return ad.Err()