Comment 4 for bug 1457472

I have tested this on kernel 4.4.0 (in Xenial) and I don't think the fix that went into 3.19 fixed the entire issue.

My understanding is that since nmap uses a relatively long pcap_select() timeout, and the packet buffers in the kernel aren't filling up fast enough, the packet loss can still be seen.

I see that you have worked around this in nmap by disabling TPACKET_v3:

https://github.com/nmap/nmap/commit/83b9c4c939094e673705b7c270533708853891f0

I noticed that another project (which I found linked to the libpcap bug) worked around this issue by using libpcap's immediate_mode:

https://github.com/teclo/flow-disruptor/commit/3376d049fc5280aedccc42fc6e090c32c0c4a128

Would you consider trying this same workaround in nmap, since it seems more general than forcing TPACKET_V3 to be disabled? (That is, only users who compile nmap from source and use "./configure --with-libpcap=included" can currently use the workaround.)