Current conntrack creation path can run into rare race conditions, make
the creation process atomic.

As side-effect, this patch simplifies the conntrack core API.

This patch depends on [PATCH 4/10] and [PATCH 5/10]

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

-- 
The dawn of the fourth age of Linux firewalling is coming; a time of 
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris