diff --git a/src/bpf/net.bpf.c b/src/bpf/net.bpf.c
index 1c5d5c90819de89800ba8f29c2bf781c748f1561..17862745ea76aca256a18646171d51d112db9375 100644
--- a/src/bpf/net.bpf.c
+++ b/src/bpf/net.bpf.c
@@ -278,6 +278,8 @@ static __always_inline bool match_container_id(struct connect_info_t* conn_info)
   BPF_DEBUG("after memset! pid:%u, cgroup:%s, real_length:%u \n", conn_info->conn_id.tgid, prefix->data, conn_info->docker_id_length);
   bpf_probe_read(prefix->data, CONTAINER_ID_MAX_LENGTH, conn_info->docker_id + trim_len);
   prefix->prefixlen = CONTAINER_ID_MAX_LENGTH << 3;
+  // {pid,fd} ==> {ip, port,ns}
+  // {pid,fd} <== {ip, port,ns}
   __u64* cid_key = bpf_map_lookup_elem(&enable_container_ids, prefix);
   if (cid_key) {
     BPF_DEBUG("bingo! pid:%u, cgroup:%s, prefix:%u \n", conn_info->conn_id.tgid, prefix->data, prefix->prefixlen);
@@ -456,6 +458,7 @@ static __always_inline void init_conn_info(uint32_t tgid,
   conn_info->is_sample = true;
   conn_info->protocol = ProtoUnknown;
   conn_info->cid_key = 0;
+  // dockerid + dockerid length
   struct task_struct *task = (struct task_struct *)bpf_get_current_task();
   struct cgroup *cgrp = get_task_cgroup(task);
   if (!cgrp)
@@ -1073,7 +1076,8 @@ static __always_inline void reset_sock_info(struct connect_info_t *info)
 
 static __always_inline void try_event_output(void *ctx, struct connect_info_t *info, enum support_direction_e direction)
 {
-  if (info->rt)
+  // 现在下次的请求，而且匹配到了上次的请求和响应
+  if (info->rt) // rt 只有在请求的时候会记录
   {
     if (info->request_len + info->response_len != 0)
     {
@@ -1085,8 +1089,10 @@ static __always_inline void try_event_output(void *ctx, struct connect_info_t *i
       }
     }
     reset_sock_info(info);
+    // return ??
   }
 
+  // 只有 request，没有 response，则设置 request 的时间戳
   u64 ts = bpf_ktime_get_ns();
   if (info->start_ts == 0)
     info->start_ts = ts;