A bug in the the depths of libpcap

This was a fun bug I found at work while I was working on the magic firewall team:

https://github.com/the-tcpdump-group/libpcap/pull/1090

Apparently no-one is using nflog this deeply so this bug was sitting around for years. This goes along of the theme of one of my running list of bugs while homelabbing - there are just bugs sitting around until someone discovers them.

Other notes

Libpcap is actually the lower level library that’s used by programs such as wireshark and tcpdump … we actually found the bug trying to use tcpdump to do things with nflog.