For example, I have two host 1.1.1.1 and 2.2.2.2.
After capturing all traffic between them in certain time range, I would like to find all TCP connection finish initiated by 1.1.1.1 (i.e. 1.1.1.1 sent TCP FIN first in TCP connection termination)