Warn when aggregating and adding field with undefined aggregation function

[jwrona]

From man page:

With aggregation, this can be a little tricky. You can add only some fields without actually making the field an aggregation key. Those fields are first, last, received, bytes, packets, outbytes, outpackets, flows, tcpflags, eventtime, duration, bps, pps and bpp. If any other field is present in the list, it will be used as an aggregation key.

This is because only those fields has defined one of LNF_AGGR_{MIN,MAX,SUM,OR} as a default aggregation function. Other has LNF_AGGR_KEY, which means they can only be used as an aggregation key.

The default aggregation function can be queried by lnf_field_info() in runtime, it would be nice to detect it and print some warning/error message if this happened.

[jwrona]

Modified the behavior: if the default aggregation function of the field is LNF_AGGR_KEY and the field is not used as an aggregation key, use LNF_AGGR_MIN aggregation function.

Changed in 5ab429b