Support nanosecond precision in pcap files

[stevenengler]

Normal pcap files have microsecond precision, and this is what Shadow outputs:

shadow/src/main/utility/pcap_writer.rs

Lines 66 to 69 in 18f1264

	// timestamp (seconds): 4 bytes
	self.writer.write_all(&ts_sec.to_ne_bytes())?;
	// timestamp (microseconds): 4 bytes
	self.writer.write_all(&ts_usec.to_ne_bytes())?;

There is an official pcap variant that stores nanosecond precision. This would be nice for Shadow since Shadow events occur at nanosecond precision. We'd also want to verify it works with Wireshark, but that shouldn't be a problem.

The one official variant of the pcap format is a version that supports nanosecond-precision time stamps. Libpcap 1.5.0 and later can read files in that format; older versions of libpcap, and all current versions of WinPcap, cannot read it. Older versions of Wireshark cannot read it; current versions can read it and can show the full nanosecond-resolution time stamps.

The magic bytes for this format are 0xa1b23c4d (note the final two bytes). There are no changes to the file or record headers from standard libpcap, apart from the timestamp resolution.