diff --git a/bpf/agentold_x86_bpfel.go b/bpf/agentold_x86_bpfel.go
index 9cd7a3d8..2c4eacd9 100644
--- a/bpf/agentold_x86_bpfel.go
+++ b/bpf/agentold_x86_bpfel.go
@@ -210,6 +210,7 @@ type AgentOldProgramSpecs struct {
 	SkbCopyDatagramIovec               *ebpf.ProgramSpec `ebpf:"skb_copy_datagram_iovec"`
 	SkbCopyDatagramIter                *ebpf.ProgramSpec `ebpf:"skb_copy_datagram_iter"`
 	SockAllocRet                       *ebpf.ProgramSpec `ebpf:"sock_alloc_ret"`
+	TcpDestroySock                     *ebpf.ProgramSpec `ebpf:"tcp_destroy_sock"`
 	TcpQueueRcv                        *ebpf.ProgramSpec `ebpf:"tcp_queue_rcv"`
 	TcpRcvEstablished                  *ebpf.ProgramSpec `ebpf:"tcp_rcv_established"`
 	TcpV4DoRcv                         *ebpf.ProgramSpec `ebpf:"tcp_v4_do_rcv"`
@@ -237,6 +238,7 @@ type AgentOldProgramSpecs struct {
 	TracepointSyscallsSysExitSendto    *ebpf.ProgramSpec `ebpf:"tracepoint__syscalls__sys_exit_sendto"`
 	TracepointSyscallsSysExitWrite     *ebpf.ProgramSpec `ebpf:"tracepoint__syscalls__sys_exit_write"`
 	TracepointSyscallsSysExitWritev    *ebpf.ProgramSpec `ebpf:"tracepoint__syscalls__sys_exit_writev"`
+	XdpProxy                           *ebpf.ProgramSpec `ebpf:"xdp_proxy"`
 }
 
 // AgentOldMapSpecs contains maps before they are loaded into the kernel.
@@ -335,6 +337,7 @@ type AgentOldPrograms struct {
 	SkbCopyDatagramIovec               *ebpf.Program `ebpf:"skb_copy_datagram_iovec"`
 	SkbCopyDatagramIter                *ebpf.Program `ebpf:"skb_copy_datagram_iter"`
 	SockAllocRet                       *ebpf.Program `ebpf:"sock_alloc_ret"`
+	TcpDestroySock                     *ebpf.Program `ebpf:"tcp_destroy_sock"`
 	TcpQueueRcv                        *ebpf.Program `ebpf:"tcp_queue_rcv"`
 	TcpRcvEstablished                  *ebpf.Program `ebpf:"tcp_rcv_established"`
 	TcpV4DoRcv                         *ebpf.Program `ebpf:"tcp_v4_do_rcv"`
@@ -362,6 +365,7 @@ type AgentOldPrograms struct {
 	TracepointSyscallsSysExitSendto    *ebpf.Program `ebpf:"tracepoint__syscalls__sys_exit_sendto"`
 	TracepointSyscallsSysExitWrite     *ebpf.Program `ebpf:"tracepoint__syscalls__sys_exit_write"`
 	TracepointSyscallsSysExitWritev    *ebpf.Program `ebpf:"tracepoint__syscalls__sys_exit_writev"`
+	XdpProxy                           *ebpf.Program `ebpf:"xdp_proxy"`
 }
 
 func (p *AgentOldPrograms) Close() error {
@@ -375,6 +379,7 @@ func (p *AgentOldPrograms) Close() error {
 		p.SkbCopyDatagramIovec,
 		p.SkbCopyDatagramIter,
 		p.SockAllocRet,
+		p.TcpDestroySock,
 		p.TcpQueueRcv,
 		p.TcpRcvEstablished,
 		p.TcpV4DoRcv,
@@ -402,6 +407,7 @@ func (p *AgentOldPrograms) Close() error {
 		p.TracepointSyscallsSysExitSendto,
 		p.TracepointSyscallsSysExitWrite,
 		p.TracepointSyscallsSysExitWritev,
+		p.XdpProxy,
 	)
 }
 
diff --git a/bpf/gen.go b/bpf/gen.go
index d4b82273..2a3d2541 100644
--- a/bpf/gen.go
+++ b/bpf/gen.go
@@ -1,4 +1,4 @@
 package bpf
 
-//go:generate go run github.com/cilium/ebpf/cmd/bpf2go -type sock_key -type control_value_index_t -type kern_evt -type kern_evt_data -type conn_evt_t -type conn_type_t -type conn_info_t -type endpoint_role_t -type traffic_direction_t -type traffic_protocol_t -type step_t -cflags "$CFLAGS" -target amd64 Agent ./pktlatency.bpf.c
-//go:generate go run github.com/cilium/ebpf/cmd/bpf2go -type sock_key -type control_value_index_t -type kern_evt -type kern_evt_data -type conn_evt_t -type conn_type_t -type conn_info_t -type endpoint_role_t -type traffic_direction_t -type traffic_protocol_t -type step_t -cflags "$CFLAGS -D KERNEL_VERSION_BELOW_58" -target amd64 AgentOld ./pktlatency.bpf.c -- -I$OUTPUT $VMLINUX
+//go:generate go run github.com/cilium/ebpf/cmd/bpf2go -type sock_key -type control_value_index_t -type kern_evt -type kern_evt_data -type conn_evt_t -type conn_type_t -type conn_info_t -type endpoint_role_t -type traffic_direction_t -type traffic_protocol_t -type step_t -target amd64 Agent ./pktlatency.bpf.c -- -I./ -I$OUTPUT -I../libbpf/include/uapi -I../vmlinux/x86/
+//go:generate go run github.com/cilium/ebpf/cmd/bpf2go -type sock_key -type control_value_index_t -type kern_evt -type kern_evt_data -type conn_evt_t -type conn_type_t -type conn_info_t -type endpoint_role_t -type traffic_direction_t -type traffic_protocol_t -type step_t -cflags "-D OLD_KERNEL" -target amd64 AgentOld ./pktlatency.bpf.c -- -I./ -I$OUTPUT -I../libbpf/include/uapi -I../vmlinux/x86/
diff --git a/bpf/pktlatency.bpf.c b/bpf/pktlatency.bpf.c
index 61173b54..4423a3d3 100644
--- a/bpf/pktlatency.bpf.c
+++ b/bpf/pktlatency.bpf.c
@@ -5,9 +5,7 @@
 #include "../vmlinux/vmlinux.h"
 #include <bpf/bpf_helpers.h>
 #include <bpf/bpf_tracing.h>
-#ifndef COMPAT_MODE 
 #include <bpf/bpf_core_read.h> 
-#endif
 #include <bpf/bpf_endian.h>
 #include "pktlatency.h"
 
@@ -26,28 +24,9 @@ char LICENSE[] SEC("license") = "Dual BSD/GPL";
 	tmp;							\
 })
 
-#ifdef COMPAT_MODE
-#define _PT_REGS_RC(ctx) PT_REGS_RC(ctx);
-#else
-#define _PT_REGS_RC(ctx) PT_REGS_RC_CORE(ctx);
-
-#endif
 
-#ifdef COMPAT_MODE
-#define _C(src, a)	_((src)->a)
-#else
 #define _C(src, a, ...)		BPF_CORE_READ(src, a, ##__VA_ARGS__)
-#endif
-#ifdef COMPAT_MODE
-#define _U(src, a)		\
-({						\
-	typeof(src) tmp;	\
-	bpf_probe_read_user(&tmp, sizeof(src), &(src));	\
-	tmp;							\
-})
-#else 
 #define _U(src, a, ...)		BPF_PROBE_READ_USER(src, a, ##__VA_ARGS__)
-#endif
 
 #ifdef BPF_DEBUG
 #define pr_bpf_debug(fmt, args...) {				\
@@ -208,7 +187,7 @@ static __inline enum target_tgid_match_result_t match_trace_tgid(const uint32_t
 }
 
 static __always_inline struct sock_key reverse_sock_key(struct sock_key* key) {
-	struct sock_key copy; 
+	struct sock_key copy;
 	copy.dip = key->sip;
 	copy.dport = key->sport;
 	copy.sip = key->dip;
@@ -326,8 +305,6 @@ static void __always_inline report_syscall_buf(void* ctx, uint64_t seq, struct c
 	} else {
 		evt->ke.ts = bpf_ktime_get_ns();
 	}
-	// const char *func_name = SYSCALL_FUNC_NAME;
-	// bpf_probe_read_kernel(evt->ke.func_name, 8, func_name);
 	evt->buf_size = _len; 
 
 	size_t len_minus_1 = _len - 1;
@@ -723,7 +700,6 @@ int tracepoint__netif_receive_skb(struct trace_event_raw_net_dev_template  *ctx)
 	void *p = (void*)ctx + sizeof(struct trace_entry);
 	struct sk_buff *skb;
 	bpf_probe_read_kernel(&skb, sizeof(struct sk_buff *), p);
-	// struct sk_buff *skb = (struct sk_buff*) (ctx->skbaddr);
 	parse_skb(ctx, skb, 1, DEV_IN);
 	return 0;
 }
@@ -756,17 +732,7 @@ int BPF_KPROBE(ip_rcv_core, struct sk_buff *skb) {
 	parse_skb(ctx, skb, 1, IP_IN);
 	return BPF_OK;
 } 
-// #ifdef KERNEL_VERSION_BELOW_58
-// SEC("tracepoint/net/net_dev_xmit")
-// int dev_hard_start_xmit(struct trace_event_raw_net_dev_template  *ctx) {
-// 	void *p = (void*)ctx + sizeof(struct trace_entry);
-// 	struct sk_buff *skb;
-// 	bpf_probe_read_kernel(&skb, sizeof(struct sk_buff *), p);
-// 	// struct sk_buff *skb = (struct sk_buff*) (ctx->skbaddr);
-// 	parse_skb(ctx, skb, 1, DEV_OUT);
-// 	return 0;
-// }
-// #else
+
 // 出队之后，发送到设备
 SEC("kprobe/dev_hard_start_xmit")
 int BPF_KPROBE(dev_hard_start_xmit, struct sk_buff *first) {
@@ -784,7 +750,6 @@ int BPF_KPROBE(dev_hard_start_xmit, struct sk_buff *first) {
 	
 	return 0;
 }
-// #endif
 
 // 进入qdisc之前
 SEC("kprobe/dev_queue_xmit")
@@ -792,7 +757,7 @@ int BPF_KPROBE(dev_queue_xmit, struct sk_buff *skb) {
 	parse_skb(ctx, skb, 0, QDISC_OUT);
 	return 0;
 }
-#ifdef KERNEL_VERSION_BELOW_58
+#ifdef KERNEL_VERSION_310
 SEC("kprobe/ip_queue_xmit")
 int BPF_KPROBE(ip_queue_xmit, struct sk_buff *skb)
 #else
@@ -1277,8 +1242,6 @@ int tracepoint__syscalls__sys_exit_recvfrom(struct trace_event_raw_sys_exit *ctx
 
 SEC("tracepoint/syscalls/sys_enter_read")
 int tracepoint__syscalls__sys_enter_read(struct trace_event_raw_sys_enter *ctx) {
-// SEC("kprobe/__x64_sys_read")
-// int BPF_KSYSCALL(read_enter,  uint32_t fd, char* buf, size_t count) {
 	uint64_t id = bpf_get_current_pid_tgid();
 
 	struct data_args args = {0};
@@ -1555,8 +1518,6 @@ int tracepoint__syscalls__sys_exit_close(struct trace_event_raw_sys_exit *ctx)
 
 
 //int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
-// SEC("kprobe/__sys_connect")
-// int BPF_KPROBE(connect_entry, int sockfd, const struct sockaddr* addr) {
 SEC("tracepoint/syscalls/sys_enter_connect")
 int tracepoint__syscalls__sys_enter_connect(struct trace_event_raw_sys_enter *ctx) {
 	uint64_t id = bpf_get_current_pid_tgid();
@@ -1583,10 +1544,6 @@ int tracepoint__syscalls__sys_exit_connect(struct trace_event_raw_sys_exit *ctx)
 	return 0;
 }
 
-
-// SEC("kprobe/accept4")
-// int BPF_KPROBE(accept4_entry, int sockfd, struct sockaddr* addr) {
-
 SEC("tracepoint/syscalls/sys_enter_accept4")
 int tracepoint__syscalls__sys_enter_accept4(struct trace_event_raw_sys_enter *ctx) {
 	uint64_t id = bpf_get_current_pid_tgid();
@@ -1606,24 +1563,12 @@ int BPF_KRETPROBE(sock_alloc_ret)
 		return 0;
 	}
 	if (!args->sock_alloc_socket) {
-		args->sock_alloc_socket = (struct socket*) _PT_REGS_RC(ctx);
+		args->sock_alloc_socket = (struct socket*) PT_REGS_RC_CORE(ctx);
 	}
 
 	return 0;
 }
 
-// SEC("kretprobe/__sys_accept4")
-// int BPF_KRETPROBE(sys_accept4_ret)
-// {
-// 	uint64_t id = bpf_get_current_pid_tgid();
-// 	struct accept_args *args = bpf_map_lookup_elem(&accept_args_map, &id);
-// 	if (args != NULL) {
-// 		process_syscall_accept(ctx, args, id);
-// 	}	
-// 	bpf_map_delete_elem(&accept_args_map, &id);
-// 	return 0;
-// }
-
 SEC("tracepoint/syscalls/sys_exit_accept4")
 int tracepoint__syscalls__sys_exit_accept4(struct trace_event_raw_sys_exit *ctx) {
 	uint64_t id = bpf_get_current_pid_tgid();
diff --git a/build.sh b/build.sh
index 0bb20bd1..668b28bb 100755
--- a/build.sh
+++ b/build.sh
@@ -1,13 +1,5 @@
 #!/bin/bash
-echo "$1"
-echo "$2"
-echo "------------------------"
-if [ -n "$2" ]
-then
-    cd bpf && CFLAGS="$1 $2 -I../.output/" OUTPUT="../.output/" go generate -v 
-else
-    cd bpf && CFLAGS="$1 -I../.output/" OUTPUT="../.output/"  go generate -v 
-fi
+cd bpf && OUTPUT="../.output/" VMLINUX="../vmlinux/x86/vmlinux.h" go generate -v 
 cd ..
 export CGO_LDFLAGS="-Xlinker -rpath=. -static"  &&  go build
-echo "success!" 
\ No newline at end of file
+echo "success!"
\ No newline at end of file
diff --git a/makefiles/arch.mk b/makefiles/arch.mk
deleted file mode 100644
index f842de65..00000000
--- a/makefiles/arch.mk
+++ /dev/null
@@ -1,41 +0,0 @@
-ARCH ?= $(shell uname -m)
-SRCARCH := $(ARCH)
-
-# Additional ARCH settings for x86
-ifeq ($(ARCH),i386)
-        SRCARCH := x86
-endif
-ifeq ($(ARCH),x86_64)
-        SRCARCH := x86
-endif
-
-# Additional ARCH settings for arm64
-ifeq ($(ARCH),aarch64)
-        SRCARCH := arm64
-endif
-
-# Additional ARCH settings for loongarch64
-ifeq ($(ARCH),loongarch64)
-        SRCARCH := loongarch
-endif
-
-# Additional ARCH settings for sparc
-ifeq ($(ARCH),sparc32)
-       SRCARCH := sparc
-endif
-ifeq ($(ARCH),sparc64)
-       SRCARCH := sparc
-endif
-
-# Additional ARCH settings for sh
-ifeq ($(ARCH),sh64)
-       SRCARCH := sh
-endif
-
-# Additional ARCH settings for tile
-ifeq ($(ARCH),tilepro)
-       SRCARCH := tile
-endif
-ifeq ($(ARCH),tilegx)
-       SRCARCH := tile
-endif
diff --git a/vmlinux_header.h b/vmlinux_header.h
deleted file mode 100644
index a1a2ac41..00000000
--- a/vmlinux_header.h
+++ /dev/null
@@ -1,24 +0,0 @@
-// SPDX-License-Identifier: MulanPSL-2.0
-
-#include <uapi/linux/in.h>
-#include <uapi/linux/ip.h>
-#include <uapi/linux/ipv6.h>
-#include <uapi/linux/tcp.h>
-#include <uapi/linux/udp.h>
-#include <uapi/linux/icmp.h>
-#include <uapi/linux/bpf.h>
-
-#include <linux/skbuff.h>
-#include <linux/netdevice.h>
-#include <linux/netfilter/x_tables.h>
-#include <linux/tcp.h>
-
-#include <net/sch_generic.h>
-#include <net/sock.h>
-#include <net/inet_connection_sock.h>
-
-#if defined(CONFIG_NF_TABLES) || defined(CONFIG_NF_TABLES_MODULE)
-#include <net/netfilter/nf_tables.h>
-#else
-#define NT_DISABLE_NFT
-#endif