catnip is a tiny network packet mirroring tool. The server (source) is not based on libpcap and, when compiled and stripped, makes the binary smaller than 20kiB. This makes it very suitable for embedded environments where a libpcap-based tool, typically 100kiB for just libpcap and 500kiB for tcpdump, would be simply too large. What makes catnip stand out from other small packet capturing tools is that it presents the remote systems interface as a local TUN/TAP interface, but additionally can apply a BPF filter at the remote end to send to you only the traffic you are interested in.
iesd is a shell based daemon that uses Linux cgroups (cpu and blkio) to improve the responsiveness of the user's workstation. Inspired by both the "200 line kernel wonder patch" and "shell four liner", this shell daemon was written so that any kernel that supports cgroup cpu can bring benefits to the user.
What makes this QoS script different than many other scripts is its general auto-configuration, use of iptables to ease local customization of classification, transparent IPv6 support, and the ability to handle varying connection speeds (such as those seen on contended xDSL connections). The script should work on any relatively modern kernel (since 2009), and is being used and tested by the author on his WAG54Gv2.
lpkfuse is a FUSE filesystem that lets you place all the SSH public keys of your users into LDAP. Without this tool, you would have to patch your SSH server (for example using openssh-lpk) to support this. But with lpkfuse, you just need to amend AuthorizedKeysFile in your sshd_config file. Other benefits include LDAP resilence and caching/local-fallback in case no LDAP servers are accessible.