Suricata

This could be done in an effort to gather all PCAP-related structure members under one structure.

Notes to consider:
- Some plugins may use plugins_v, thus altering pcap_v.pcap_cnt would result in memory changes (decision required if it ok)
- pcap_cnt is often used unguarded, especially in Debug functions which would write nonsense values when running with other capture modes (e.g. running AFP in Debug mode would likely print non-zero numbers) (easy fix - add guards to limit only to PCAP_FILE and UNIX_SOCKET modes)

Some example:

static void DetectRun(ThreadVars *th_v,
        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
        Packet *p)
{
    SCEnter();
    SCLogDebug("p->pcap_v.pcap_cnt %" PRIu64 " direction %s pkt_src %s", p->pcap_v.pcap_cnt,
            p->flow ? (FlowGetPacketDirection(p->flow, p) == TOSERVER ? "toserver" : "toclient")
                    : "noflow",
            PktSrcToString(p->pkt_src));