These changes to libnetfilter-conntrack and conntrack-tools allow to dump the connection tracking table while suppressing entries that lack the given status bits. This allows for example to limit the dump rquest to only contain entries that did not yet see a reply. First patch syncs the embedded uapi header with that of nf-next, second patch adds the status dump filter glue to libnetfilter-conntrack. Patch 3 is the main change. Patch 4 adds support for the simpler 'UNREPLIED' keyword, this seems easier to use than to ask for '!SEEN_REPLY'.
