[conntrack] Self-correcting mechanism for existing connections' direction

[nddq]

Currently, for TCP connections that existed before Retina was deployed, conntrack uses a best-effort approach, relying on the ACK packet to determine the direction of these connections. However, this method can be inaccurate. Implementing a self-correcting mechanism, such as examining the packet sequence numbers, could resolve this issue. We also need to figure out a self-correcting mechanism for UDP connections as well.