Yes, I personally believe that parsing untrusted packets as root is a problem, as already documented by many sources (see Wireshark for example). That's because generating input for that piece of code is extremely easy if you can reach that machine one way or another.
It's possible to do this the right way by using a secondary process that drops privileges for good, with no chance of regaining them.
Additionally, I think that if something like this is used in production it should be split in many functions, with unit tests, and more importantly heavily fuzzed. The PR in question does not address those concern.
Speaking about reliability: without adding support for re-assembling the TCP conversations, it's prone to lose events (example: connections that are re-used) and parse packets that are not supposed to be handled (i.e.: a network problem causes some packets to be re-sent due to data corruption. they need to be identified and ignored)