fix(ja4ebpf): remove double bswap16 on accept4 port

The manual byte assembly (sa_buf[2]<<8 | sa_buf[3]) already produces
a host-byte-order port value; __builtin_bswap16 was swapping it again,
causing SSL events to use wrong source ports and preventing TLS/HTTP
session correlation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

services/ja4ebpf/bpf/uprobe_ssl.c

@@ -227,11 +227,11 @@ int kretprobe_accept4_exit(struct sys_exit_accept4_ctx *ctx)
     bpf_probe_read_user(sa_buf, sizeof(sa_buf), (void *)sockaddr_ptr);
 
     /* Extraire port (octets 2-3) et adresse IP (octets 4-7) */
-    __u16 sin_port = (__u16)(sa_buf[2] << 8) | sa_buf[3];   /* network byte order */
+    __u16 sin_port = (__u16)(sa_buf[2] << 8) | sa_buf[3];   /* already host byte order (manual assembly) */
-    __u32 sin_addr = *(__u32 *)(sa_buf + 4);                 /* network byte order */
+    __u32 sin_addr = *(__u32 *)(sa_buf + 4);                 /* network byte order (raw memory read) */
 
-    __u32 src_ip   = __builtin_bswap32(sin_addr);            /* host byte order */
+    __u32 src_ip   = __builtin_bswap32(sin_addr);            /* network → host byte order */
-    __u16 src_port = __builtin_bswap16(sin_port);            /* host byte order */
+    __u16 src_port = sin_port;                               /* already host byte order */
     __u32 fd       = (__u32)new_fd;
 
     /* Peupler accept_map[{pid_tgid, fd}] */