Initial commit (Readme.md)

README.md

@@ -1,14 +1,14 @@
 # eBPF Observability for PHP
-**phbpf** 是专为 PHP 打造的，用于在 Linux 系统中高效创建内核级跟踪与操作程序。以 eBPF 技术为核心，提供丰富的工具与示例，帮助 PHP 开发者在熟悉的生态下，使用强大的内核观测与动态插桩能力。
+**phbpf** is specifically designed for PHP, enabling the efficient creation of kernel-level tracing and manipulation programs in Linux systems. Centered around eBPF technology, it offers a rich set of tools and examples to empower PHP developers with robust kernel observability and dynamic instrumentation capabilities within their familiar ecosystem.
 
-## ✨ 特性
-- 原生 PHP 脚本直接操作 BPF 程序，适合快速开发与调试eBPF功能
-- 遵循 bcc 前端使用习惯，以极低成本将 bcc 工具项目使用php实现，内置使用样例
-- 核心逻辑使用 C/C++ 编写，调用 libbpf 和 LLVM 接口
-- 支持常用BPF hook：kprobe/uprobe、tracepoint 等
-- 外部独立进程，无感知监控正在运行的系统及目标进程
+## ✨ Features
+- Natively operate BPF programs with PHP scripts, ideal for rapid development and debugging of eBPF functionalities.
+- Adheres to bcc frontend usage patterns, allowing bcc tool projects to be implemented in PHP with minimal effort, including built-in examples.
+- Core logic written in C/C++, invoking libbpf and LLVM interfaces.
+- Supports common BPF hooks: kprobe/uprobe, tracepoint, etc.
+- Operates as an external, independent process for transparent monitoring of running systems and target processes.
 
-## 🛠 架构概览
+## 🛠 Architecture Overview
 ```text
 +-------------+        +---------------------------+
 |  PHP Script  | <----> | PHP Extension Module (C) |
@@ -47,38 +47,67 @@ Tracing... Hit Ctrl-C to end.
      128 -> 255      : 800      |**************************************|
 ```
 
-## 🔗 依赖
+## 🔗 Dependencies
 - PHP 7 / 8
-- 内核，开启 BPF 支持
+- Kernel with BPF support enabled
 - [libbpf](https://github.com/libbpf/libbpf)
 - [libbcc >= v0.29.0](https://github.com/iovisor/bcc)
 - Clang / LLVM
 
-## 🚀 快速开始
+## 🚀 Quick Start
 
-### 依赖安装
+### Dependency Installation
 
 ```bash
-# 安装llvm / bcc / clang 等
-例如 Ubuntu：
+# Install llvm / bcc / clang, etc.
+For example, on Ubuntu:
 sudo apt install bpfcc-tools linux-headers-$(uname -r)
 
-更多系统或依赖安装问题，参考：https://github.com/iovisor/bcc/blob/master/INSTALL.md
+For more information on system or dependency installation issues, refer to: https://github.com/iovisor/bcc/blob/master/INSTALL.md
 ```
 
-### 扩展安装
+### Extension Installation
 ```bash
 git clone --recursive https://git.yunzhihui.ltd/root/phbpf.git
 cd phbpf
 phpize
 ./configure
 make && sudo make install
-# 配置 php.ini
+# Configure php.ini
 echo "extension=ebpf.so" >> php.ini
-# 运行示例
+# Run example
 php examples/hello_world.php
 ```
 
 ### Contents
 
----
+### Tracing
+
+#### Examples
+
+- examples/tracing/[bitehist.php](examples/tracing/bitehist.php): Block I/O size histogram.
+- examples/tracing/[disksnoop.php](examples/tracing/disksnoop.php): Trace block device I/O latency.
+- examples/[hello_world.php](examples/hello_world.php): Prints "Hello, World!" for new processes.
+- examples/tracing/[stacksnoop](examples/tracing/stacksnoop.php): Trace a kernel function and print all kernel stack traces.
+- tools/[statsnoop](tools/statsnoop.php): Trace stat() syscalls.
+- examples/tracing/[tcpv4connect.php](examples/tracing/tcpv4connect.php): Trace TCP IPv4 active connections.
+- examples/tracing/[trace_fields.php](examples/tracing/trace_fields.php): Simple example of printing fields from traced events.
+- examples/tracing/[undump.php](examples/tracing/undump.php): Dump UNIX socket packets
+- examples/tracing/[urandomread.php](examples/tracing/urandomread.php): A kernel tracepoint example, which traces random:urandom_read.
+- examples/tracing/[kvm_hypercall.php](examples/tracing/kvm_hypercall.php): Conditional static kernel tracepoints for KVM entry, exit and hypercal.
+
+#### Tools
+
+ > This section is under construction. Please check back later.
+
+<center><a href="images/bcc_tracing_tools_2019.png"><img src="images/bcc_tracing_tools_2019.png" border=0 width=700></a></center>
+
+### Networking
+
+Examples:
+
+- examples/networking/[net_monitor.php](examples/networking/net_monitor.php): Used to monitor network packets on a specified network interface.
+
+## Contributing
+
+We welcome contributions to this project! Please feel free to submit a pull request.