feat(ja4ebpf): add multi-interface TC, LPM_TRIE ignore_src, unit tests, and fix bugs

- Add multi-interface TC attachment (default "any" = all UP interfaces)
- Add BPF LPM_TRIE map ignored_src for kernel-side CIDR filtering
- Add userspace ignore_src filtering for SSL/accept4 path via net.IPNet.Contains()
- Add AcceptCache for fd→SessionKey correlation with TTL and Close()
- Add 5 test files covering writer, procutil, dispatcher, accept_cache, and cmd
- Fix formatTCPOptions infinite loop on EOL (case 0 break→return)
- Fix pseudoOrderToShort panic on empty slice (negative cap)
- Fix AcceptCache goroutine leak (add done channel + Close())
- Update config.yml.example with interfaces, listen_ports, ignore_src
- Rewrite docs/services/ja4ebpf.md (was massively stale: XDP, RingBuffer, etc.)
- Fix stale XDP/RingBuffer references in docs/architecture.md, thesis, tls.go

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@ -10,11 +10,11 @@
┌──────────────────────────────────────────────────────────────────┐
│ SOURCES DE DONNÉES │
├───────────────────────────┬──────────────────────────────────────┤
│ TC ingress (XDP/TC) │ uprobe SSL_read │
│ TC ingress │ uprobe SSL_read/SSL_write │
│ Couches L3/L4/L5 │ Couche L7 HTTP déchiffré │
│ │ │
│ │ │
│ réseau XDP/TC → │ Go Magic Bytes dispatcher → │
│ réseau TC → │ Go Magic Bytes dispatcher → │
│ - SYN : TTL, IP-ID, DF, │ HTTP/1.1 : method, path, query, │
│ MSS, Window, Scale │ headers (bruts + ordre), │
│ - TLS ClientHello : │ status, taille, durée_ms, │
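Review bot: the left column of the diagram (the "TC ingress" and "réseau TC →" rows) still shows traffic going straight into SYN and TLS ClientHello extraction, with nothing about the ignored_src LPM_TRIE filter or the multi-interface attachment that the commit message introduces. Kernel-side CIDR filtering decides which sources are fingerprinted at all, so a reader of this architecture doc should be able to see it; consider adding a row for the ignored_src filter ahead of the "- SYN" line and a note that TC attaches to all UP interfaces by default ("any"). In the right column the header now reads "uprobe SSL_read/SSL_write" while the rows below it only list "HTTP/1.1 : method, path, query, headers, status" without saying which probe supplies the request side and which the response side; one line on that would make the change self-explanatory.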