Patch for reading PCAP files written on device with different endianness #17

Open: wants to merge 1 commit into base: master

Finikssky

If a pcap file was harvested on a device with different endianness (like a MIPS BE router), reading the pcap header was incorrect. This patch fixes it.

@jemcek
Owner

jemcek commented May 31, 2019

Do you have an example of such a pcap file that I could make some tests with the patch?

@Finikssky
Author

https://yadi.sk/d/EvIc_dzMrOaXLg - simple arp request in BE
https://yadi.sk/d/M-dAipk1pATv_Q - simple arp request in LE

a1b2 c3d4 0002 0004 0000 0000 0000 0000 0000 ffff 0000 0001 3c0e ac9d 0001 5f33 0000 002a 0000 002a ffff ffff ffff e0d9 e3ac 0cbf 0806 0001 0800 0604 0001 e0d9 e3ac 0cbf c0a8 c0d0 0000 0000 0000 0101 0101 - arp request BE binary text from sublime

d4c3 b2a1 0200 0400 0000 0000 0000 0000 0090 0100 0100 0000 0000 0000 0000 0000 2a00 0000 2a00 0000 ffff ffff ffff e0d9 e3ac 0cbf 0806 0001 0800 0604 0001 e0d9 e3ac 0cbf c0a8 c0d0 0000 0000 0000 0101 0101 - arp request LE binary text from sublime

I created arp_req_le.pcap with packETH on my PC, then I sent this pcap from the BE device and dumped it with tcpdump on the device. We can see that if we open the BE pcap on an LE PC, packETH says that the format is incorrect, and if we open the LE pcap on the BE device, it does too. The patch fixes it by checking the request header and converting it to host endianness.
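
As an added example (not code from this pull request or from packETH), one way to read the classic pcap global header and first record header independently of host byte order, with the first 40 bytes of the two dumps quoted above as input. The names `pcap_parse`, `pcap_info`, `rd16` and `rd32` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

#define PCAP_MAGIC 0xa1b2c3d4u  /* stored in the capturing host's byte order */

struct pcap_info {
    int      big_endian;          /* byte order of the file, not of this host */
    uint16_t major, minor;
    uint32_t snaplen, linktype;
    uint32_t incl_len, orig_len;  /* lengths from the first record header */
};

/* Assemble integers byte by byte so the result does not depend on the host. */
static uint32_t rd32(const uint8_t *p, int be) {
    uint32_t a = p[0], b = p[1], c = p[2], d = p[3];
    return be ? (a << 24 | b << 16 | c << 8 | d) : (d << 24 | c << 16 | b << 8 | a);
}
static uint16_t rd16(const uint8_t *p, int be) {
    return (uint16_t)(be ? (p[0] << 8 | p[1]) : (p[1] << 8 | p[0]));
}

/* 0 = ok, -1 = truncated, -2 = bad magic, -3 = implausible record length. */
int pcap_parse(const uint8_t *buf, size_t len, struct pcap_info *out) {
    if (len < 24 + 16) return -1;   /* global header + first record header */
    if (rd32(buf, 1) == PCAP_MAGIC)      out->big_endian = 1;
    else if (rd32(buf, 0) == PCAP_MAGIC) out->big_endian = 0;
    else return -2;
    int be = out->big_endian;
    out->major    = rd16(buf + 4, be);
    out->minor    = rd16(buf + 6, be);
    out->snaplen  = rd32(buf + 16, be);
    out->linktype = rd32(buf + 20, be);
    out->incl_len = rd32(buf + 32, be);
    out->orig_len = rd32(buf + 36, be);
    /* A length read in the wrong order (42 -> 0x2a000000) must fail here, before
     * it sizes a read or an allocation. Callers also check it against the bytes
     * left in the file. */
    if (out->incl_len > out->snaplen || out->incl_len > out->orig_len) return -3;
    return 0;
}

/* First 40 bytes (global header + first record header) of the BE and LE dumps
 * quoted in this thread. */
const uint8_t sample_be[40] = {
    0xa1,0xb2,0xc3,0xd4, 0x00,0x02,0x00,0x04, 0,0,0,0, 0,0,0,0, 0x00,0x00,0xff,0xff, 0x00,0x00,0x00,0x01,
    0x3c,0x0e,0xac,0x9d, 0x00,0x01,0x5f,0x33, 0x00,0x00,0x00,0x2a, 0x00,0x00,0x00,0x2a };
const uint8_t sample_le[40] = {
    0xd4,0xc3,0xb2,0xa1, 0x02,0x00,0x04,0x00, 0,0,0,0, 0,0,0,0, 0x00,0x90,0x01,0x00, 0x01,0x00,0x00,0x00,
    0,0,0,0, 0,0,0,0, 0x2a,0x00,0x00,0x00, 0x2a,0x00,0x00,0x00 };
```

Both samples parse to version 2.4, link type 1 and a 42-byte first record on any host, because the byte order is taken from the magic number rather than from the machine running the parser.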
