GH-646: add new "successful_connection_remove" event

And switch Zeek's base scripts over to using it in place of
"connection_state_remove".  The difference between the two is
that "connection_state_remove" is raised for all events while
"successful_connection_remove" excludes TCP connections that were never
established (just SYN packets).  There can be performance benefits
to this change for some use-cases.

There's also a new event called ``connection_successful`` and a new
``connection`` record field named "successful" to help indicate this new
property of connections.

scripts/base/protocols/ftp/main.zeek

@@ -322,7 +322,7 @@ event connection_reused(c: connection) &priority=5
 		c$ftp_data_reuse = T;
 	}
 
-event connection_state_remove(c: connection) &priority=-5
+event successful_connection_remove(c: connection) &priority=-5
 	{
 	if ( c$ftp_data_reuse ) return;
 	if ( [c$id$resp_h, c$id$resp_p] in ftp_data_expected )
@@ -334,8 +334,8 @@ event connection_state_remove(c: connection) &priority=-5
 		}
 	}
 
-# Use state remove event to cover connections terminated by RST.
-event connection_state_remove(c: connection) &priority=-5
+# Use remove event to cover connections terminated by RST.
+event successful_connection_remove(c: connection) &priority=-5
 	{
 	if ( ! c?$ftp ) return;