CR250WAASCM#tethereal -i any -R "ip.addr eq 172.29.17.9"
Running as user "admin" and group "root". This could be dangerous.
Capturing on Pseudo-device that captures on all interfaces
11.788188  172.29.17.9 -> 172.29.250.223 TCP 48961 > https [SYN, ECN, CWR] Seq=0 Win=5840 Len=0 MSS=1380 TSV=338656641 TSER=0 WS=8
 11.788217 172.29.250.223 -> 172.29.17.9  TCP https > 48961 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=4208827229 TSER=338656641 WS=8
 15.986671 172.29.250.223 -> 172.29.17.9  TCP https > 48961 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=4208831429 TSER=338656641 WS=8
 21.985596 172.29.250.223 -> 172.29.17.9  TCP https > 48961 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=4208837429 TSER=338656641 WS=8
 32.057799  172.29.17.9 -> 172.29.250.223 TCP 48961 > https [RST, CWR] Seq=1 Win=5632 Len=0
 39.994451  172.29.17.9 -> 172.29.250.223 TCP 48965 > https [SYN, ECN, CWR] Seq=0 Win=5840 Len=0 MSS=1380 TSV=338684851 TSER=0 WS=8
 39.994467 172.29.250.223 -> 172.29.17.9  TCP https > 48965 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=4208855441 TSER=338684851 WS=8
 43.193803 172.29.250.223 -> 172.29.17.9  TCP https > 48965 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=4208858641 TSER=338684851 WS=8
 49.192720 172.29.250.223 -> 172.29.17.9  TCP https > 48965 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=4208864641 TSER=338684851 WS=8
 60.222245  172.29.17.9 -> 172.29.250.223 TCP 48965 > https [RST, CWR] Seq=1 Win=5632 Len=0