updated after opensnitch repo commit 448d930ceb

Compilation.md

@@ -33,6 +33,36 @@ sudo ln -s /usr/lib64/qt5/bin/lrelease-qt5 /usr/local/bin/lrelease
 ```
 Then it should build properly.
 
+### Compiling the eBPF modules
+
+```bash
+# dependencies:
+# sudo apt install -y wget flex bison ca-certificates wget python3 rsync bc libssl-dev clang llvm libelf-dev libzip-dev git libpcap-dev
+
+cd opensnitch/
+
+kernel_version=$(uname -r | cut -d. -f1,2)
+
+rm -f v${kernel_version}.tar.gz
+wget https://github.com/torvalds/linux/archive/v${kernel_version}.tar.gz
+
+rm -rf linux-${kernel_version}/
+tar -xf v${kernel_version}.tar.gz
+
+patch linux-${kernel_version}/tools/lib/bpf/bpf_helpers.h < ebpf_prog/file.patch
+cp ebpf_prog/opensnitch*.c ebpf_prog/common.h ebpf_prog/Makefile linux-${kernel_version}/samples/bpf
+cd linux-${kernel_version} && yes "" | make oldconfig && make prepare && make headers_install # (1 min)
+cd samples/bpf && make
+# objdump -h opensnitch.o #you should see many section, number 1 should be called kprobe/tcp_v4_connect
+
+mkdir ../../../ebpf_prog/modules/
+cp opensnitch*o ../../../ebpf_prog/modules/
+cd ../../../
+llvm-strip -g ebpf_prog/modules/opensnitch.o #remove debug info
+```
+
+Then you can copy the `*.o` files to `/etc/opensnitchd/`:
+`$ sudo cp opensnitch*.o /etc/opensnitchd/`
 
 **Daemon**