Parts of the tool may have been assembled from previously existing code. The style changes from place to place. For example, sometimes inet_addr() is used to convert an IP address, and other times gethostbyname(). There may have been several different authors.
The most striking example of the programmer's skill level is in the packet decode function. It appears to have been written at least twice. The first time, it used sprintf("%s") to copy data from one buffer to another. Someone realized that this can cause the packet to be truncated if it contains a null character, and rewrote it using loops to do the copying. However, they didn't remove the old code; it's still interleaved with the new. Evidently, they weren't comfortable enough with this function to clean it up after they got it working, so they just left it in a mess. They also used a O(n2) algorithm where a O(n) could do the same job.