dissector: Restore paket type if capturing from nlmon device

dissector: Restore paket type if capturing from nlmon device

The kernel sets the skb pkttype to PACKET_OUTGOING for all packets being
sent through dev_queue_xmit_nit(). However, if capturing packets from an
nlmon device, this causes the information on whether the netlink packet
was sent to kernel- or userspace (PACKET_KERNEL/PACKET_USER) to be
overwritten.

A previous attempt by Daniel Borkmann to fix this in kernel space [1] by
not overwriting the packet type for netlink packets was not regarded as
the proper solution.

[1] http://patchwork.ozlabs.org/patch/338612/

Thus, attempt to fix this in userspace by looking at the pid field of
the netlink packet, which is always 0 for messages to kernel space [2].

[2] http://www.carisma.slowglass.com/~tgr/libnl/doc/core.html#core_netlink_fundamentals

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>