diff --git a/pkg/plugin/conntrack/_cprog/conntrack.c b/pkg/plugin/conntrack/_cprog/conntrack.c
index dc05f1c64ef..3fadb36bdc2 100644
--- a/pkg/plugin/conntrack/_cprog/conntrack.c
+++ b/pkg/plugin/conntrack/_cprog/conntrack.c
@@ -7,6 +7,7 @@
 #include "compiler.h"
 #include "bpf_helpers.h"
 #include "conntrack.h"
+#include "string.h"
 
 struct tcpmetadata {
 	__u32 seq; // TCP sequence number
@@ -16,19 +17,23 @@ struct tcpmetadata {
 };
 
 struct conntrackmetadata {
-    __u8 traffic_direction; // This is the inital direction of the connection. It is set to egress if the connection is initiated from the host and ingress otherwise.
     /*
         bytes_*_count indicates the number of bytes sent and received in the forward and reply direction.
-        These will be reset to 0 every time an event is reported.
+        These will be reset to 0 every time a new packet is processed.
     */
     __u64 bytes_forward_count;
     __u64 bytes_reply_count;
     /*
         packets_*_count indicates the number of packets sent and received in the forward and reply direction.
-        These will be reset to 0 every time an event is reported.
+        These will be reset to 0 every time a new packet is processed.
     */
     __u64 packets_forward_count;
     __u64 packets_reply_count;
+    /*
+        This is the inital direction of the connection.
+        It is set to egress if the connection is initiated from the host and ingress otherwise.
+    */
+    __u8 traffic_direction;
 };
 
 struct packet
@@ -84,18 +89,7 @@ struct ct_entry {
      * before retina deployment and the SYN packet was not captured.
      */
     bool is_direction_unknown;
-        /*
-        bytes_*_count indicates the number of bytes sent and received in the forward and reply direction.
-        These will be reset to 0 every time an event is reported.
-    */
-    __u64 bytes_forward_count;
-    __u64 bytes_reply_count;
-    /*
-        packets_*_count indicates the number of packets sent and received in the forward and reply direction.
-        These will be reset to 0 every time an event is reported.
-    */
-    __u64 packets_forward_count;
-    __u64 packets_reply_count;
+    struct conntrackmetadata conntrack_metadata;
 };
 
 struct {
@@ -154,19 +148,18 @@ static __always_inline bool _ct_create_new_tcp_connection(struct packet *p, stru
     new_value.flags_seen_tx_dir = p->flags;
     new_value.is_direction_unknown = false;
     new_value.traffic_direction = _ct_get_traffic_direction(observation_point);
-    new_value.packets_forward_count = 1;
-    new_value.bytes_forward_count = p->bytes;
+    new_value.conntrack_metadata.packets_forward_count = 1;
+    new_value.conntrack_metadata.bytes_forward_count = p->bytes;
+    // The initial SYN is captured. Set the traffic direction of the connection.
+    // This is important for the case where the SYN packet is not captured
+    // and the connection is created with unknown direction.
+    new_value.conntrack_metadata.traffic_direction = new_value.traffic_direction;
     bpf_map_update_elem(&retina_conntrack, &key, &new_value, BPF_ANY);
     // Update packet
     p->is_reply = false;
     p->traffic_direction = new_value.traffic_direction;
     // Update initial conntrack metadata for the connection.
-    p->conntrack_metadata.bytes_forward_count = new_value.packets_forward_count;
-    p->conntrack_metadata.packets_forward_count = new_value.bytes_forward_count;
-    // The initial SYN is captured. Set the traffic direction of the connection.
-    // This is important for the case where the SYN packet is not captured
-    // and the connection is created with unknown direction.
-    p->conntrack_metadata.traffic_direction = new_value.traffic_direction;
+    memcpy(&p->conntrack_metadata, &new_value.conntrack_metadata, sizeof(struct conntrackmetadata));
     return true;
 }
 
@@ -188,16 +181,14 @@ static __always_inline bool _ct_handle_udp_connection(struct packet *p, struct c
     new_value.flags_seen_tx_dir = p->flags;
     new_value.last_report_tx_dir = now;
     new_value.traffic_direction = _ct_get_traffic_direction(observation_point);
-    new_value.packets_forward_count = 1;
-    new_value.bytes_forward_count = p->bytes;
+    new_value.conntrack_metadata.packets_forward_count = 1;
+    new_value.conntrack_metadata.bytes_forward_count = p->bytes;
     bpf_map_update_elem(&retina_conntrack, &key, &new_value, BPF_ANY);
     // Update packet
     p->is_reply = false;
     p->traffic_direction = new_value.traffic_direction;
     // Update packet's conntrack metadata.
-    p->conntrack_metadata.bytes_forward_count = new_value.bytes_forward_count;
-    p->conntrack_metadata.packets_forward_count = new_value.packets_forward_count;
-    p->conntrack_metadata.traffic_direction = new_value.traffic_direction;
+    memcpy(&p->conntrack_metadata, &new_value.conntrack_metadata, sizeof(struct conntrackmetadata));;
     return true;
 }
 
@@ -236,22 +227,19 @@ static __always_inline bool _ct_handle_tcp_connection(struct packet *p, struct c
         p->is_reply = true;
         new_value.flags_seen_rx_dir = p->flags;
         new_value.last_report_rx_dir = now;
-        new_value.bytes_reply_count = p->bytes;
-        new_value.packets_reply_count = 1;
+        new_value.conntrack_metadata.bytes_reply_count = p->bytes;
+        new_value.conntrack_metadata.packets_reply_count = 1;
         bpf_map_update_elem(&retina_conntrack, &reverse_key, &new_value, BPF_ANY);
     } else { // Otherwise, the packet is considered as a packet in the send direction.
         p->is_reply = false;
         new_value.flags_seen_tx_dir = p->flags;
         new_value.last_report_tx_dir = now;
-        new_value.bytes_forward_count = p->bytes;
-        new_value.packets_forward_count = 1;
+        new_value.conntrack_metadata.bytes_forward_count = p->bytes;
+        new_value.conntrack_metadata.packets_forward_count = 1;
         bpf_map_update_elem(&retina_conntrack, &key, &new_value, BPF_ANY);
     }
     // Update packet's conntrack metadata.
-    p->conntrack_metadata.bytes_forward_count = new_value.bytes_forward_count;
-    p->conntrack_metadata.bytes_reply_count = new_value.bytes_reply_count;
-    p->conntrack_metadata.packets_forward_count = new_value.packets_forward_count;
-    p->conntrack_metadata.packets_reply_count = new_value.packets_reply_count;
+    memcpy(&p->conntrack_metadata, &new_value.conntrack_metadata, sizeof(struct conntrackmetadata));
     return true;
 }
 
@@ -371,11 +359,10 @@ static __always_inline __attribute__((unused)) bool ct_process_packet(struct pac
         p->is_reply = false;
         p->traffic_direction = entry->traffic_direction;
         // Update packet count and bytes count on conntrack entry.
-        WRITE_ONCE(entry->packets_forward_count, READ_ONCE(entry->packets_forward_count) + 1);
-        WRITE_ONCE(entry->bytes_forward_count, READ_ONCE(entry->bytes_forward_count) + p->bytes);
+        WRITE_ONCE(entry->conntrack_metadata.packets_forward_count, READ_ONCE(entry->conntrack_metadata.packets_forward_count) + 1);
+        WRITE_ONCE(entry->conntrack_metadata.bytes_forward_count, READ_ONCE(entry->conntrack_metadata.bytes_forward_count) + p->bytes);
         // Update packet's conntract metadata.
-        p->conntrack_metadata.bytes_forward_count = entry->bytes_forward_count;
-        p->conntrack_metadata.packets_forward_count = entry->packets_forward_count;
+        memcpy(&p->conntrack_metadata, &entry->conntrack_metadata, sizeof(struct conntrackmetadata));
         return _ct_should_report_packet(entry, p->flags, CT_PACKET_DIR_TX, &key);
     }
     
@@ -392,11 +379,10 @@ static __always_inline __attribute__((unused)) bool ct_process_packet(struct pac
         p->is_reply = true;
         p->traffic_direction = entry->traffic_direction;
         // Update packet count and bytes count on conntrack entry.
-        WRITE_ONCE(entry->packets_reply_count, READ_ONCE(entry->packets_reply_count) + 1);
-        WRITE_ONCE(entry->bytes_reply_count, READ_ONCE(entry->bytes_reply_count) + p->bytes);
+        WRITE_ONCE(entry->conntrack_metadata.packets_reply_count, READ_ONCE(entry->conntrack_metadata.packets_reply_count) + 1);
+        WRITE_ONCE(entry->conntrack_metadata.bytes_reply_count, READ_ONCE(entry->conntrack_metadata.bytes_reply_count) + p->bytes);
         // Update packet's conntract metadata.
-        p->conntrack_metadata.bytes_reply_count = entry->bytes_reply_count;
-        p->conntrack_metadata.packets_reply_count = entry->packets_reply_count;
+        memcpy(&p->conntrack_metadata, &entry->conntrack_metadata, sizeof(struct conntrackmetadata));
         return _ct_should_report_packet(entry, p->flags, CT_PACKET_DIR_RX, &reverse_key);
     }
 
diff --git a/pkg/plugin/conntrack/conntrack_bpfel_x86.go b/pkg/plugin/conntrack/conntrack_bpfel_x86.go
index 7fe4957c181..a3a3a07951a 100644
--- a/pkg/plugin/conntrack/conntrack_bpfel_x86.go
+++ b/pkg/plugin/conntrack/conntrack_bpfel_x86.go
@@ -13,17 +13,21 @@ import (
 )
 
 type conntrackCtEntry struct {
-	EvictionTime        uint32
-	LastReportTxDir     uint32
-	LastReportRxDir     uint32
-	TrafficDirection    uint8
-	FlagsSeenTxDir      uint8
-	FlagsSeenRxDir      uint8
-	IsDirectionUnknown  bool
-	BytesForwardCount   uint64
-	BytesReplyCount     uint64
-	PacketsForwardCount uint64
-	PacketsReplyCount   uint64
+	EvictionTime       uint32
+	LastReportTxDir    uint32
+	LastReportRxDir    uint32
+	TrafficDirection   uint8
+	FlagsSeenTxDir     uint8
+	FlagsSeenRxDir     uint8
+	IsDirectionUnknown bool
+	ConntrackMetadata  struct {
+		BytesForwardCount   uint64
+		BytesReplyCount     uint64
+		PacketsForwardCount uint64
+		PacketsReplyCount   uint64
+		TrafficDirection    uint8
+		_                   [7]byte
+	}
 }
 
 type conntrackCtV4Key struct {
diff --git a/pkg/plugin/conntrack/conntrack_bpfel_x86.o b/pkg/plugin/conntrack/conntrack_bpfel_x86.o
index 4a2afcd8284..ebe86751b01 100644
Binary files a/pkg/plugin/conntrack/conntrack_bpfel_x86.o and b/pkg/plugin/conntrack/conntrack_bpfel_x86.o differ
diff --git a/pkg/plugin/dropreason/kprobe_bpfel_x86.o b/pkg/plugin/dropreason/kprobe_bpfel_x86.o
index e69de29bb2d..a0098ede384 100644
Binary files a/pkg/plugin/dropreason/kprobe_bpfel_x86.o and b/pkg/plugin/dropreason/kprobe_bpfel_x86.o differ
diff --git a/pkg/plugin/filter/filter_bpfel_x86.o b/pkg/plugin/filter/filter_bpfel_x86.o
index e69de29bb2d..bf6c879c816 100644
Binary files a/pkg/plugin/filter/filter_bpfel_x86.o and b/pkg/plugin/filter/filter_bpfel_x86.o differ
diff --git a/pkg/plugin/packetforward/packetforward_bpfel_x86.o b/pkg/plugin/packetforward/packetforward_bpfel_x86.o
index e69de29bb2d..5f175500269 100644
Binary files a/pkg/plugin/packetforward/packetforward_bpfel_x86.o and b/pkg/plugin/packetforward/packetforward_bpfel_x86.o differ
diff --git a/pkg/plugin/packetparser/packetparser_bpfel_x86.go b/pkg/plugin/packetparser/packetparser_bpfel_x86.go
index 92cbd5cd4dd..440a4ccc596 100644
--- a/pkg/plugin/packetparser/packetparser_bpfel_x86.go
+++ b/pkg/plugin/packetparser/packetparser_bpfel_x86.go
@@ -13,17 +13,21 @@ import (
 )
 
 type packetparserCtEntry struct {
-	EvictionTime        uint32
-	LastReportTxDir     uint32
-	LastReportRxDir     uint32
-	TrafficDirection    uint8
-	FlagsSeenTxDir      uint8
-	FlagsSeenRxDir      uint8
-	IsDirectionUnknown  bool
-	BytesForwardCount   uint64
-	BytesReplyCount     uint64
-	PacketsForwardCount uint64
-	PacketsReplyCount   uint64
+	EvictionTime       uint32
+	LastReportTxDir    uint32
+	LastReportRxDir    uint32
+	TrafficDirection   uint8
+	FlagsSeenTxDir     uint8
+	FlagsSeenRxDir     uint8
+	IsDirectionUnknown bool
+	ConntrackMetadata  struct {
+		BytesForwardCount   uint64
+		BytesReplyCount     uint64
+		PacketsForwardCount uint64
+		PacketsReplyCount   uint64
+		TrafficDirection    uint8
+		_                   [7]byte
+	}
 }
 
 type packetparserCtV4Key struct {
@@ -60,12 +64,12 @@ type packetparserPacket struct {
 	IsReply           bool
 	_                 [3]byte
 	ConntrackMetadata struct {
-		TrafficDirection    uint8
-		_                   [7]byte
 		BytesForwardCount   uint64
 		BytesReplyCount     uint64
 		PacketsForwardCount uint64
 		PacketsReplyCount   uint64
+		TrafficDirection    uint8
+		_                   [7]byte
 	}
 }
 
diff --git a/pkg/plugin/packetparser/packetparser_bpfel_x86.o b/pkg/plugin/packetparser/packetparser_bpfel_x86.o
index 2002b5e4f3e..d57a7d4a51f 100644
Binary files a/pkg/plugin/packetparser/packetparser_bpfel_x86.o and b/pkg/plugin/packetparser/packetparser_bpfel_x86.o differ
diff --git a/pkg/plugin/packetparser/packetparser_linux.go b/pkg/plugin/packetparser/packetparser_linux.go
index 5e63a2324ed..77ae49e060a 100644
--- a/pkg/plugin/packetparser/packetparser_linux.go
+++ b/pkg/plugin/packetparser/packetparser_linux.go
@@ -535,6 +535,20 @@ func (p *packetParser) processRecord(ctx context.Context, id int) {
 				continue
 			}
 
+			// Extract the conntrack metadata.
+			if &bpfEvent.ConntrackMetadata == nil {
+				p.l.Warn("Received bpfEvent with nil conntrack metadata", zap.Any("bpfEvent", bpfEvent))
+				continue
+			}
+
+			// Log the bpfEvent.
+			p.l.Debug("Received bpfEvent - packet conntrack metadata",
+				zap.Uint64("BytesForwardCount", bpfEvent.ConntrackMetadata.BytesForwardCount),
+				zap.Uint64("BytesReplyCount", bpfEvent.ConntrackMetadata.BytesReplyCount),
+				zap.Uint64("PacketsForwardCount", bpfEvent.ConntrackMetadata.PacketsForwardCount),
+				zap.Uint64("BytesReplyCount", bpfEvent.ConntrackMetadata.BytesReplyCount),
+				zap.Uint8("TrafficDirection", bpfEvent.ConntrackMetadata.TrafficDirection))
+
 			// Post processing of the bpfEvent.
 			// Anything after this is required only for Pod level metrics.
 			sourcePortShort := uint32(utils.HostToNetShort(bpfEvent.SrcPort))