2 files changed, 54 insertions, 23 deletions

diff --git a/src/expect/api.c b/src/expect/api.c
index 127846a..5c3868c 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -43,6 +43,35 @@ void nfexp_destroy(struct nf_expect *exp)
 }
 
 /**
+ * nfexp_sizeof - return the size in bytes of a certain expect object
+ * @exp: pointer to the expect object
+ */
+size_t nfexp_sizeof(const struct nf_expect *exp)
+{
+	assert(exp != NULL);
+	return sizeof(*exp);
+}
+
+/**
+ * nfexp_maxsize - return the maximum size in bytes of a expect object
+ *
+ * Use this function if you want to allocate a expect object in the stack
+ * instead of the heap. For example:
+ *
+ * char buf[nfexp_maxsize()];
+ * struct nf_expect *exp = (struct nf_expect *) buf;
+ * memset(exp, 0, nfexp_maxsize());
+ *
+ * Note: As for now this function returns the same size that nfexp_sizeof(exp)
+ * does although _this could change in the future_. Therefore, do not assume
+ * that nfexp_sizeof(exp) == nfexp_maxsize().
+ */
+size_t nfexp_maxsize()
+{
+	return sizeof(struct nf_expect);
+}
+
+/**
  * nfexp_clone - clone a expectation object
  * @exp: pointer to a valid expectation object
  *
diff --git a/src/expect/build.c b/src/expect/build.c
index 501263a..0415621 100644
--- a/src/expect/build.c
+++ b/src/expect/build.c
@@ -21,35 +21,37 @@ int __build_expect(struct nfnl_subsys_handle *ssh,
 		   u_int16_t flags,
 		   const struct nf_expect *exp)
 {
-	u_int8_t l3num = exp->master.tuple[NFCT_DIR_ORIGINAL].l3protonum;
+	u_int8_t l3num;
 
-	if (!test_bit(ATTR_ORIG_L3PROTO, exp->master.set)) {
-		errno = EINVAL;
-		return -1;
-	}
+	if (test_bit(ATTR_ORIG_L3PROTO, exp->master.set))
+		l3num = exp->master.tuple[NFCT_DIR_ORIGINAL].l3protonum;
+	else if (test_bit(ATTR_ORIG_L3PROTO, exp->expected.set))
+		l3num = exp->expected.tuple[NFCT_DIR_ORIGINAL].l3protonum;
 
 	memset(req, 0, size);
 
 	nfnl_fill_hdr(ssh, &req->nlh, 0, l3num, 0, type, flags);
 
-	__build_tuple(req,
-		      size,
-		      &exp->expected.tuple[__DIR_ORIG],
-		      CTA_EXPECT_TUPLE);
-
-	/* get and delete only require the expectation tuple */
-	if (type == IPCTNL_MSG_EXP_GET || type == IPCTNL_MSG_EXP_DELETE)
-		return 0;
-
-	__build_tuple(req,
-		      size,
-		      &exp->master.tuple[__DIR_ORIG],
-		      CTA_EXPECT_MASTER);
-	
-	__build_tuple(req,
-		      size,
-		      &exp->mask.tuple[__DIR_ORIG],
-		      CTA_EXPECT_MASK);
+	if (test_bit(ATTR_EXP_EXPECTED, exp->set)) {
+		__build_tuple(req,
+			      size,
+			      &exp->expected.tuple[__DIR_ORIG],
+			      CTA_EXPECT_TUPLE);
+	}
+
+	if (test_bit(ATTR_EXP_MASTER, exp->set)) {
+		__build_tuple(req,
+			      size,
+			      &exp->master.tuple[__DIR_ORIG],
+			      CTA_EXPECT_MASTER);
+	}
+
+	if (test_bit(ATTR_EXP_MASK, exp->set)) {
+		__build_tuple(req,
+			      size,
+			      &exp->mask.tuple[__DIR_ORIG],
+			      CTA_EXPECT_MASK);
+	}
 
 	if (test_bit(ATTR_EXP_TIMEOUT, exp->set))
 		__build_timeout(req, size, exp);