gcla/termshark

Consider using sharkd when it's available

gcla opened this issue · 0 comments

gcla commented

One of the first comments I received on termshark's initial release was whether I had considered using sharkd instead of tshark... I didn't, but out of ignorance! Sharkd is a daemon with a JSON interface that supports loading pcaps, checking filters, and various other tshark operations. It would have two main advantages:

  • it would be faster for things like filter syntax checking because I wouldn't need to run a separate process each time
  • it would be better for large pcaps because I wouldn't need the optimizations around loading pdml in chunks, reducing complexity a lot

The main disadvantages, afaict, are that

  • sharkd isn't bundled on Windows.
  • I can't see a way to get psml and pdml from it (but I must be missing that, surely)