pftop - OpenBSD pf state viewer

WatchGuard firewalls have a pretty (but mostly useless) tool called "HostViewer" that lets you see which connections are coming into and going out of your firewall at any given moment.

Today I discovered a tool that gives the same functionality to OpenBSD's Packet Filter: pftop. pftop allows you to see PF's state table the same way that ps lets you see your system's process table. pftop gives you actually statistics, so you can actually open it up and, like I did, notice that your firewall was primarily busy with SSH, IMAP, and BitTorrent connections. That looks right, so I'm comfortable that what pftop is telling me is fairly accurate.