Goat is a tournament organizer assistant. It is designed to help run long tournaments that are primarily organized by email, such as Toulouse's Permanent Go Tournament, where a round is played each month, and it's up to the players to arrange their meeting time and place. Experience has shown that players need reminders to play their games, give results, etc. Goat helps to automate this management. After pairing the players, the tournament admin will enter the pairings into Goat, and Goat will take over all the remaining business.
sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.
RememberTheMilk is a command line tool that provides a command line interface for the RememberTheMilk task list manager. It includes RTMAgent.pm, a Perl module that implements the low-level API. It provides a UserAgent object that lets you call all of RTM's API methods as normal Perl methods. It also includes rtm, a Perl script that uses RTMAgent to implement a very simple command line interface.
OmniComment is a small script to that enables a Webmaster to add comments to any page. The idea is to include a call to the script in the appropriate page, using an SSI statement. The script will write out the appropriate HTML containing a link to the comments already posted for this page and a form to post new comments. In principle this is similar to Gentle Comment, except it's more lightweight: it uses a flat directory and normal files to store the comment (as opposed to a MySQL database), so it is not appropriate if your Web site receives thousand of comments a minute. Another difference is that all configuration happens in a text file, and there is no Web interface to perform administration. OmniComment generates an ATOM feed that follows publication of comments anywhere in the site.
Ok, as a security consultant the idea of doing level-7 filtering in kernel space almost made me lose my breakfast -- one vulnerability in your code and you're giving away the entire shop. To be honest, I already feel like all of iptables should be done in user space.
To quote D.Knuth, "premature optimization is the root of all evil": I would really suggest trying it out and profiling first to confirm that sslh is indeed too slow. I think you're overestimating the cost of forking (it's very low in Linux).
If it turns out to be a bottleneck indeed, then I'd look at zero-copy (I remember there is a Linux-specific system call to tell the kernel to copy from one fd to another, thus you save the additional copying.). With that, the only overhead of sslh would be the forking, and even that could conceivable be removed.
Doing things in kernel space for the sake of performance, sorry, no. There has once been a kernel-space Web server in Linux: no-one used it, and the world went on with user-space Web servers, for good reasons.
Basically for each incoming connection, a new process is started that shovels data from the outcoming socket to the internal socket. Cost is one memory copy.
I don't expect sslh would be a bottleneck in normal usage -- establishing https connections would typically have a much higher CPU cost than sslh processing. However, I don't think it's ever been used in such an environment, so no guarantees. If you do try it, let me know how it goes.