iptables 1.3.3 assumes that ipt_scpt.h defines ELEMCOUNT, but ipt_scpt.h
moved to ARRAY_SIZE (which would be defined in linux/kernel.h).
The ip_conntrack_dir definition now resides in linux/netfilter/ip_conntrack_common.h

--- linux-libc-headers-2.6.15.99/include/linux/netfilter_ipv4/ipt_sctp.h.orig	2006-03-20 22:03:04.000000000 +0100
+++ linux-libc-headers-2.6.15.99/include/linux/netfilter_ipv4/ipt_sctp.h	2006-03-20 22:07:09.000000000 +0100
@@ -7,6 +7,8 @@
 
 #define IPT_SCTP_VALID_FLAGS		0x07
 
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+#define ELEMCOUNT(x) (sizeof(x) / sizeof((x)[0]))
 
 struct ipt_sctp_flag_info {
 	u_int8_t chunktype;
--- linux-libc-headers-2.6.15.99/include/linux/netfilter_ipv4/ip_conntrack_tuple.h.orig	2006-03-20 21:51:10.000000000 +0100
+++ linux-libc-headers-2.6.15.99/include/linux/netfilter_ipv4/ip_conntrack_tuple.h	2006-03-20 21:51:12.000000000 +0100
@@ -89,13 +89,6 @@
 		(tuple)->dst.u.all = 0;				\
 	} while (0)
 
-enum ip_conntrack_dir
-{
-	IP_CT_DIR_ORIGINAL,
-	IP_CT_DIR_REPLY,
-	IP_CT_DIR_MAX
-};
-
 static inline int ip_ct_tuple_src_equal(const struct ip_conntrack_tuple *t1,
 				        const struct ip_conntrack_tuple *t2)
 {