
rules.txtTEXT
 line  CODE  JT   JF      K
=================================
 # seccomp BPF filter (disassembly). The policy is a per-architecture
 # allowlist: the arch field selects the x86_64 table (0002-0028) or the i386
 # table (0030-0037). Every path that matches nothing ends at 0039 (KILL).
 # NOTE(review): the effective policy is the union of both tables. The i386
 # table allows read and write, which the x86_64 table does not, and it checks
 # no syscall arguments at all. If the 32-bit ABI is not required, returning
 # KILL for every arch other than ARCH_X86_64 is the tighter policy.
 0000: 0x20 0x00 0x00 0x00000004  A = arch
 0001: 0x15 0x00 0x1b 0xc000003e  if (A != ARCH_X86_64) goto 0029
 # --- x86_64 table ---
 0002: 0x20 0x00 0x00 0x00000000  A = sys_number
 # Numbers >= 0x40000000 (the x32 ABI bit on x86_64) go to KILL. The one
 # exception, 0xffffffff, falls into the table below, matches no entry and
 # reaches KILL through 0020.
 0003: 0x35 0x00 0x01 0x40000000  if (A < 0x40000000) goto 0005
 0004: 0x15 0x00 0x22 0xffffffff  if (A != 0xffffffff) goto 0039
 # Allowed with no argument checks: close, munmap, brk, exit, exit_group.
 0005: 0x15 0x20 0x00 0x00000003  if (A == close) goto 0038
 0006: 0x15 0x1f 0x00 0x0000000b  if (A == munmap) goto 0038
 0007: 0x15 0x1e 0x00 0x0000000c  if (A == brk) goto 0038
 0008: 0x15 0x1d 0x00 0x0000003c  if (A == exit) goto 0038
 0009: 0x15 0x1c 0x00 0x000000e7  if (A == exit_group) goto 0038
 # mmap: allowed only when prot is exactly 0x2 (PROT_WRITE on Linux).
 # A holds 32 bits, so each 64-bit argument is compared as two halves:
 # high word first (must be 0 here), then low word.
 # addr, len, flags, fd and pgoff are not inspected.
 0010: 0x15 0x00 0x04 0x00000009  if (A != mmap) goto 0015
 0011: 0x20 0x00 0x00 0x00000024  A = prot >> 32 # mmap(addr, len, prot, flags, fd, pgoff)
 0012: 0x15 0x00 0x1a 0x00000000  if (A != 0x0) goto 0039
 0013: 0x20 0x00 0x00 0x00000020  A = prot # mmap(addr, len, prot, flags, fd, pgoff)
 0014: 0x15 0x17 0x18 0x00000002  if (A == 0x2) goto 0038 else goto 0039
 # execve: allowed only when the filename argument is 0 (a NULL pointer).
 # argv and envp are not inspected.
 0015: 0x15 0x00 0x04 0x0000003b  if (A != execve) goto 0020
 0016: 0x20 0x00 0x00 0x00000014  A = filename >> 32 # execve(filename, argv, envp)
 0017: 0x15 0x00 0x15 0x00000000  if (A != 0x0) goto 0039
 0018: 0x20 0x00 0x00 0x00000010  A = filename # execve(filename, argv, envp)
 0019: 0x15 0x12 0x13 0x00000000  if (A == 0x0) goto 0038 else goto 0039
 # open: last entry of the x86_64 table; any other syscall number is KILL.
 # Allowed only when filename == 0x1337331337 (high word 0x13, low word
 # 0x37331337) and flags == 0 (O_RDONLY on Linux). mode is not inspected.
 # NOTE(review): the filter compares the pointer value only. seccomp BPF
 # cannot read the memory the pointer refers to, so this check does not pin
 # which path is opened; a path restriction needs a mechanism that sees the
 # resolved path (for example Landlock or an LSM policy).
 0020: 0x15 0x00 0x12 0x00000002  if (A != open) goto 0039
 0021: 0x20 0x00 0x00 0x00000014  A = filename >> 32 # open(filename, flags, mode)
 0022: 0x15 0x00 0x10 0x00000013  if (A != 0x13) goto 0039
 0023: 0x20 0x00 0x00 0x00000010  A = filename # open(filename, flags, mode)
 0024: 0x15 0x00 0x0e 0x37331337  if (A != 0x37331337) goto 0039
 0025: 0x20 0x00 0x00 0x0000001c  A = flags >> 32 # open(filename, flags, mode)
 0026: 0x15 0x00 0x0c 0x00000000  if (A != 0x0) goto 0039
 0027: 0x20 0x00 0x00 0x00000018  A = flags # open(filename, flags, mode)
 0028: 0x15 0x09 0x0a 0x00000000  if (A == 0x0) goto 0038 else goto 0039
 # --- i386 table (reached from 0001 when arch is not x86_64) ---
 # Any arch other than ARCH_I386 is KILL. The seven syscalls below are
 # allowed on number alone; no arguments are checked in this branch.
 0029: 0x15 0x00 0x09 0x40000003  if (A != ARCH_I386) goto 0039
 0030: 0x20 0x00 0x00 0x00000000  A = sys_number
 0031: 0x15 0x06 0x00 0x00000001  if (A == i386.exit) goto 0038
 0032: 0x15 0x05 0x00 0x00000003  if (A == i386.read) goto 0038
 0033: 0x15 0x04 0x00 0x00000004  if (A == i386.write) goto 0038
 0034: 0x15 0x03 0x00 0x0000002d  if (A == i386.brk) goto 0038
 0035: 0x15 0x02 0x00 0x0000005a  if (A == i386.mmap) goto 0038
 0036: 0x15 0x01 0x00 0x0000005b  if (A == i386.munmap) goto 0038
 0037: 0x15 0x00 0x01 0x000000fc  if (A != i386.exit_group) goto 0039
 # Shared exits. 0x7fff0000 is SECCOMP_RET_ALLOW. 0x00000000 is
 # SECCOMP_RET_KILL_THREAD, which ends the calling thread only;
 # SECCOMP_RET_KILL_PROCESS (0x80000000) ends the whole process.
 0038: 0x06 0x00 0x00 0x7fff0000  return ALLOW
 0039: 0x06 0x00 0x00 0x00000000  return KILL