netfilter: nft_ct: reject direction for ct id

Direction attribute is ignored, reject it in case this ever needs to be
supported

Fixes: 3087c3f ("netfilter: nft_ct: Add ct id support")
Signed-off-by: Pablo Neira Ayuso <[email protected]>

Author: ummakynes

net/netfilter/nft_ct.c

@@ -476,6 +476,9 @@ static int nft_ct_get_init(const struct nft_ctx *ctx,
 		break;
 #endif
 	case NFT_CT_ID:
+		if (tb[NFTA_CT_DIRECTION])
+			return -EINVAL;
+
 		len = sizeof(u32);
 		break;
 	default: