[Bro] wrong size computation

[Vern Paxson]

> there's a Bro script (Vern?) to sample packets very 
> efficiently to estimate connection size, even in the case the sequence 
> numbers wrap around a number of times, which then can be used to 
> validate the connection size

Yes, large-conn.bro, written by Chema Gonzalez, and first appearing in Bro
0.9a8.  Note that it's only useful for quite large connections, since it's
based on a form of (non-random) sampling.

		Vern