[Bro] handle out of order and retransmitted packets in offline trace

[Vern Paxson]

> Can Bro itself differentiate these retransmitted and out of order packets?

It's not clear what you mean by differentiate.  Bro reassembles the
TCP bytestream, correctly acounting for retransmitted and out-of-order
packets.

> Besides, can http-rewriter.bro handle the special HTTP packet which, for
> example, includes 2 or more requests or response or even one and half
> requests or responses?

Per Ruoming's earlier comment, http-rewriter.bro does *not* operate on
individual packets, it operates on the reassembled bytestream.  It then
constructs new packets from that bytestream.  The timing of these packets
reflects the timing of the original packets, but the *sequencing* of the
packets does not.

		Vern