Hi, I have an application that I would like to check to see if it is using bidirectional traffic. Is it possible to check this with Wireshark? Thanks and sorry for my English!
asked 16 Jun '16, 09:30 absolut
One Answer:
Yes, you can see bidirectional traffic in Wireshark.
answered 16 Jun '16, 09:46 Amato_C
Thanks... but how can I identify it?
Wireshark will show ingress/egress traffic to/from the capture point. Look at the Source address. Ingress traffic will have the Source address as the capture point. Egress traffic will have a different source address.
Sorry, I understand that bi-directional communication always begins from source IP to destination IP, and communicates over the same port. So if I see something like this:
It seems that it is not bi-directional, no? Thanks!
It is bidirectional. The port numbers the participants use are independent of each other and tshark doesn't show them by default.
So one participant uses IP address x.x.x.x, port XXXX and the other one uses IP address y.y.y.y, port YYYY. One direction of the communication is then x.x.x.x:XXXX -> y.y.y.y:YYYY, the other direction is y.y.y.y:YYYY -> x.x.x.x:XXXX.

Besides, tshark shows the name of the highest-level protocol it could find in the frame. So if a transport protocol (TCP in your case) is used to convey PDUs of an application protocol (GIOP in your case), the frames which carry any GIOP as TCP's payload are marked as GIOP ones; the frames belonging to the same TCP session but carrying only TCP's overhead are marked as TCP ones (frame 12337 in your example).
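The pairing of the two directions described above can be checked mechanically. The following is an added example, not part of the original thread: it groups tshark field output by endpoint pair and counts packets in each direction. The sample rows, addresses, ports and the file name capture.pcap are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample: tab-separated rows in the shape produced by
#   tshark -r capture.pcap -Y tcp -T fields -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport
# Addresses and ports are made up (documentation ranges), not taken from the thread.
SAMPLE = """\
192.0.2.10\t51514\t198.51.100.20\t2809
198.51.100.20\t2809\t192.0.2.10\t51514
192.0.2.10\t51514\t198.51.100.20\t2809
192.0.2.10\t40000\t198.51.100.99\t9000
"""

def parse_line(line):
    """Return ((src_ip, src_port), (dst_ip, dst_port)), or None for malformed rows."""
    parts = line.rstrip("\n").split("\t")
    if len(parts) != 4 or not all(parts):
        return None  # frames without IPv4/TCP fields leave columns empty
    src_ip, src_port, dst_ip, dst_port = parts
    if not (src_port.isdigit() and dst_port.isdigit()):
        return None
    return (src_ip, int(src_port)), (dst_ip, int(dst_port))

def conversations(text):
    """Group packets by unordered endpoint pair and count each direction."""
    conv = defaultdict(lambda: [0, 0])
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        src, dst = parsed
        a, b = sorted((src, dst))  # canonical order: one key for both directions
        conv[(a, b)][0 if src == a else 1] += 1
    return dict(conv)

def is_bidirectional(counts):
    """True when packets were seen in both directions of the conversation."""
    return counts[0] > 0 and counts[1] > 0

def report(text):
    """Return {"a_ip:a_port <-> b_ip:b_port": (a_to_b, b_to_a, bidirectional)}."""
    out = {}
    for (a, b), counts in conversations(text).items():
        name = f"{a[0]}:{a[1]} <-> {b[0]}:{b[1]}"
        out[name] = (counts[0], counts[1], is_bidirectional(counts))
    return out

if __name__ == "__main__":
    for name, (fwd, rev, bidir) in report(SAMPLE).items():
        print(f"{name}  a->b={fwd}  b->a={rev}  bidirectional={bidir}")
```

A conversation that shows packets in only one direction may still be bidirectional on the wire if the capture point sees only one path.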