[CTNETLINK] Fix expectaction mask dumping

The expectation mask has some particularities that make handle in a
different way. The protocol number fields can be set to non-valid
protocols, ie. l3num is set to 0xFFFF. Since that protocol does not
exist, the mask tuple will not be dumped. Moreover, this results in a
kernel panic when nf_conntrack accesses the array of protocol handlers,
that is PF_MAX (0x1F) long.

This patch introduces the function ctnetlink_exp_dump_mask, that
correctly dumps the expectation mask. Such function uses the l3num value
from the expectation tuple that is a valid layer 3 protocol number.

Besides, this modification introduces the attribute CTA_IP_L3NUM.
Although the layer 3 protocol information is sent in the nfnetlink
header, if the message contains information about an expectation, it
will contain information about the master conntrack (just one of the
tuples), the expectation tuple and the expectation mask. In this case,
the value of l3num in the expectation mask is not the same that is set
in the nfnetlink message. That is why we need another field that contain
the value of l3num.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

-- 
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris