sfcapd writes empty flow files when samples contain VNI data

[mikej96]

It appears that sfcapd will not write flows to the output (nfcapd.*) files when samples contain VNI data (type 1029 and 1030), unless it is in debug mode.

I will follow up this bug report with emailed packet capture that shows this.

Steps to reproduce:

1. Compile with --enable-sflow --enable-nsel (do not use --enable-devel)
2. Run sfcapd with the vni-example.pcap file provided via email. ie) ./sfcapd -f /home/mike/vni-example.pcap -w /tmp
3. Notice that every packet results in:

SFLOW: flow_sample_element length error (expected 4, found 0)
SFLOW: caught exception: 3

4. Observe the flow file to be empty:

~$ ./nfdump -r /tmp/nfcapd.202312042350 
Date first seen          Event  XEvent Proto      Src IP Addr:Port          Dst IP Addr:Port     X-Src IP Addr:Port        X-Dst IP Addr:Port   In Byte Out Byte
No matching flows
Summary: total flows: 0, total bytes: 0, total packets: 0, avg bps: 0, avg pps: 0, avg bpp: 0
Time window: 2023-12-04 23:50:00 - 2023-12-04 23:55:00
Total flows processed: 0, passed: 0, Blocks skipped: 0, Bytes read: 0
Sys: 0.0000s User: 0.0027s Wall: 0.0001s flows/second: 0.0 Runtime: 0.0001s

5. Now, compile with --enable-devel
6. Repeating steps 2-4 will yield data in the 'nfcapd.*' flow output files with the following summary:

Summary: total flows: 48841, total bytes: 13.6 G, total packets: 48.8 M, avg bps: 6.1 T, avg pps: 2.7 G, avg bpp: 278
Time window: 2023-12-05 00:03:58 - 2023-12-05 00:03:58
Total flows processed: 48841, passed: 48841, Blocks skipped: 0, Bytes read: 8969632
Sys: 0.1186s User: 0.0536s Wall: 0.1925s flows/second: 253681.3 Runtime: 0.1925s