These messages are system TDI-level messages wrappers. All messages have TDI_EVENT_TYPE enumeration type and defined in includecommon.h. Message can be reported before it was processed by TCPIP stack (request origination) and after it was processed by TCPIP stack (request completion).
In your case tdi messages mean:
Message #=1
Create Address object on IP-address 120.0.0.1:2298
Protocol TCP, process name thunderbird.exe, process id 2180
Message #=2
Create connection endpoint
Protocol TCP, process name thunderbird.exe, process id 2180
Message #=3
Bind connection endpoint to address object
Protocol TCP, process name thunderbird.exe, process id 2180
Message #=4
Create the second connection endpoint
Protocol TCP, process name thunderbird.exe, process id 2180
Message #=5
Bind the second connection endpoint to address object
Protocol TCP, process name thunderbird.exe, process id 2180
Message #=16
The incoming connection request from 127.0.0.1:2299 to 127.0.0.1:2298
Protocol TCP, process name thunderbird.exe, process id 2180
Message #=17
Accept the incoming connection request from 127.0.0.1:2299 to 127.0.0.1:2298
Protocol TCP, process name thunderbird.exe, process id 2180
You can use TDI_EVT_CONNECT and TDI_EVT_INCOMING_CONNECTION events to store connection information into the connection table and TDI_EVT_DISCONNECT, TDI_EVT_INCOMING_DISCONNECT to remove it.