diff --git a/[refs] b/[refs]
index 2f7f7a259e9a..6a6ab119ddf9 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: fcda46128d5cb50075339b79ce585ab767337e9e
+refs/heads/master: a856a19a9f3ee14fc0d555470f3af138aeb0245c
diff --git a/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c b/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c
index 7fe745659642..5c1c0a3d1c4b 100644
--- a/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1293,6 +1293,14 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb,
 	if (!exp)
 		return -ENOENT;
 
+	if (cda[CTA_EXPECT_ID-1]) {
+		u_int32_t id = *(u_int32_t *)NFA_DATA(cda[CTA_EXPECT_ID-1]);
+		if (exp->id != ntohl(id)) {
+			ip_conntrack_expect_put(exp);
+			return -ENOENT;
+		}
+	}	
+
 	err = -ENOMEM;
 	skb2 = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
 	if (!skb2)