diff --git a/.gitignore b/.gitignore
index 983f3f2..7f27ac1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/libnetfilter_conntrack-1.0.4.tar.bz2
+SOURCES/libnetfilter_conntrack-1.0.6.tar.bz2
diff --git a/.libnetfilter_conntrack.metadata b/.libnetfilter_conntrack.metadata
index 5ec7ce8..53ed0a4 100644
--- a/.libnetfilter_conntrack.metadata
+++ b/.libnetfilter_conntrack.metadata
@@ -1 +1 @@
-34fae1a30cbd51d46945e9f35790118c3462b0c6 SOURCES/libnetfilter_conntrack-1.0.4.tar.bz2
+015f985a8e171889a67769ba02d070eca53bac07 SOURCES/libnetfilter_conntrack-1.0.6.tar.bz2
diff --git a/SOURCES/libnetfilter_conntrack-break.patch b/SOURCES/libnetfilter_conntrack-break.patch
new file mode 100644
index 0000000..2051096
--- /dev/null
+++ b/SOURCES/libnetfilter_conntrack-break.patch
@@ -0,0 +1,23 @@
+commit f68f7b30f504c556581bc41159c1b53278b3fc8e
+Author: Ken-ichirou MATSUZAWA
+Date: Tue Feb 28 13:55:26 2017 +0900
+
+ conntrack: fix missing break in setobjopt_undo_dnat()
+
+ Otherwise we fall into the IPv6 case.
+
+ Signed-off-by Ken-ichirou MATSUZAWA
+ Signed-off-by: Pablo Neira Ayuso
+
+diff --git a/src/conntrack/objopt.c b/src/conntrack/objopt.c
+index 119a83a..fb43d6c 100644
+--- a/src/conntrack/objopt.c
++++ b/src/conntrack/objopt.c
+@@ -81,6 +81,7 @@ static void setobjopt_undo_dnat(struct nf_conntrack *ct)
+ ct->dnat.max_ip.v4 = ct->dnat.min_ip.v4;
+ ct->repl.src.v4 = ct->head.orig.dst.v4;
+ set_bit(ATTR_DNAT_IPV4, ct->head.set);
++ break;
+ case AF_INET6:
+ memcpy(&ct->dnat.min_ip.v6, &ct->repl.src.v6,
+ sizeof(struct in6_addr));
diff --git a/SOURCES/libnetfilter_conntrack-getobjopt_is_nat.patch b/SOURCES/libnetfilter_conntrack-getobjopt_is_nat.patch
new file mode 100644
index 0000000..1220889
--- /dev/null
+++ b/SOURCES/libnetfilter_conntrack-getobjopt_is_nat.patch
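Review bot: The added `break;` closes only the AF_INET case of setobjopt_undo_dnat(), and the enclosing switch starts and ends outside the hunk, so the backport shows nothing about the remaining cases or the SNAT counterpart (presumably `setobjopt_undo_snat()` in the same file); since the second patch's Fixes line attributes the regression to the IPv6 NAT commit, it is worth checking the 1.0.6 objopt.c for a sibling fallthrough rather than assuming the two upstream fixes are complete. Before the fix the IPv4 path ran on into the AF_INET6 `memcpy(&ct->dnat.min_ip.v6, &ct->repl.src.v6, ...)`, so if the v4 and v6 members share storage (they look like union members, not confirmable here) the just-written v4 address was clobbered and the undo did not undo; building with `-Wimplicit-fallthrough` would flag this class of bug at compile time. The trailer `Signed-off-by Ken-ichirou MATSUZAWA` is missing its colon, which `%patch` does not care about but trailer-parsing tooling would.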
@@ -0,0 +1,44 @@
+commit 79dac5ac16ffe102b120c00600fb97653fe49c4b
+Author: Ken-ichirou MATSUZAWA
+Date: Tue Feb 28 11:34:29 2017 +0900
+
+ conntrack: revert getobjopt_is_nat() condition
+
+ getobjopt_is_nat() used to work even if no status bits where set, by
+ checking if addresses don't match. Restore this behaviour for
+ compatibility reasons.
+
+ Fixes: 73ad642ba462 ("src: add support for IPv6 NAT")
+ Signed-off-by: Ken-ichirou MATSUZAWA
+ Signed-off-by: Pablo Neira Ayuso
+
+diff --git a/src/conntrack/objopt.c b/src/conntrack/objopt.c
+index fb43d6c..1581480 100644
+--- a/src/conntrack/objopt.c
++++ b/src/conntrack/objopt.c
+@@ -144,10 +144,8 @@ int __setobjopt(struct nf_conntrack *ct, unsigned int option)
+
+ static int getobjopt_is_snat(const struct nf_conntrack *ct)
+ {
+- if (!(test_bit(ATTR_STATUS, ct->head.set)))
+- return 0;
+-
+- if (!(ct->status & IPS_SRC_NAT_DONE))
++ if (test_bit(ATTR_STATUS, ct->head.set) &&
++ !(ct->status & IPS_SRC_NAT_DONE))
+ return 0;
+
+ switch (ct->head.orig.l3protonum) {
+@@ -166,10 +164,8 @@ static int getobjopt_is_snat(const struct nf_conntrack *ct)
+
+ static int getobjopt_is_dnat(const struct nf_conntrack *ct)
+ {
+- if (!(test_bit(ATTR_STATUS, ct->head.set)))
+- return 0;
+-
+- if (!(ct->status & IPS_DST_NAT_DONE))
++ if (test_bit(ATTR_STATUS, ct->head.set) &&
++ !(ct->status & IPS_DST_NAT_DONE))
+ return 0;
+
+ switch (ct->head.orig.l3protonum) {
diff --git a/SPECS/libnetfilter_conntrack.spec b/SPECS/libnetfilter_conntrack.spec
index c710400..43c9505 100644
--- a/SPECS/libnetfilter_conntrack.spec
+++ b/SPECS/libnetfilter_conntrack.spec
@@ -1,6 +1,6 @@
 Name: libnetfilter_conntrack
-Version: 1.0.4
-Release: 2%{?dist}
+Version: 1.0.6
+Release: 1%{?dist}
 Summary: Netfilter conntrack userspace library
 Group: System Environment/Libraries
 License: GPLv2+
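Review bot: The embedded `+index fb43d6c..1581480 100644` line records that this patch was generated on top of the result of libnetfilter_conntrack-break.patch (`index 119a83a..fb43d6c`), so the two files have an ordering dependency that nothing in the package documents; patch(1) will probably tolerate the one-line offset if they are ever swapped, but a comment above the second `Patch` line such as `# generated on top of libnetfilter_conntrack-break.patch, apply after it` keeps `%prep` from silently depending on declaration order. The restored condition in getobjopt_is_snat() and getobjopt_is_dnat() returns 0 only when ATTR_STATUS is present and the matching *_NAT_DONE bit is clear; with no status attribute both functions continue into the address comparison in the switch, which is the compatibility behaviour the commit message describes, so callers that build objects without ATTR_STATUS get NAT detection from address mismatch alone. Both functions continue past the hunk.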
@@ -10,15 +10,18 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libnfnetlink-devel >= 1.0.1, pkgconfig, kernel-headers, libmnl-devel >= 1.0.3 +Patch1: libnetfilter_conntrack-break.patch +Patch2: libnetfilter_conntrack-getobjopt_is_nat.patch + %description -libnetfilter_conntrack is a userspace library providing a programming +libnetfilter_conntrack is a userspace library providing a programming interface (API) to the in-kernel connection tracking state table. %package devel Summary: Netfilter conntrack userspace library Group: Development/Libraries Requires: %{name} = %{version}-%{release}, libnfnetlink-devel >= 1.0.1 -Requires: kernel-headers +Requires: kernel-headers %description devel libnetfilter_conntrack is a userspace library providing a programming @@ -27,13 +30,15 @@ interface (API) to the in-kernel connection tracking state table. %prep %setup -q +%patch1 -p1 +%patch2 -p1 + # (valid for 1.0.3, may break newer releases) # Remove outdated files that confuse various helper scripts. rm compile config.guess config.sub depcomp install-sh ltmain.sh missing %build %configure --disable-static --disable-rpath - make %{?_smp_mflags} %install @@ -60,6 +65,9 @@ rm -rf $RPM_BUILD_ROOT %{_includedir}/libnetfilter_conntrack/*.h %changelog +* Fri Mar 03 2017 Paul Wouters - 1.0.6-1 +- Resolves: rhbz#1426412 libnetfilter_conntrack does not support Ipv6 NAT + * Fri Jan 24 2014 Daniel Mach - 1.0.4-2 - Mass rebuild 2014-01-24
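Review bot: The new `Patch1:` and `Patch2:` lines carry no provenance, so the next rebase cannot tell whether they are still needed; the dist-git convention is a comment above each naming the upstream commit, `# upstream commit f68f7b30f504c556581bc41159c1b53278b3fc8e` and `# upstream commit 79dac5ac16ffe102b120c00600fb97653fe49c4b`, both ids being visible in the patch files this commit adds. In the `%prep` hunk the comment `# (valid for 1.0.3, may break newer releases)` still sits above an unguarded `rm compile config.guess config.sub depcomp install-sh ltmain.sh missing` while Version moves to 1.0.6; if any listed file is absent from the 1.0.6 tarball that `rm` aborts the build, so the list should be checked against the new tarball (or the line changed to `rm -f ...`) and the comment refreshed. The remaining hunks on this line are trailing-whitespace and changelog changes.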