iptstateを今まで知らなかったのでメモ。
netfilter/iptablesの情報をtopコマンドのように表示してくれます。

こんな感じで表示されます。

/usr/sbin/iptstate

                                    IPTables - State Top
Version: 1.4          Sort: SrcIP reverse   s to change sorting
Source                        Destination                   Proto   State        TTL
0.0.0.0:68                    255.255.255.255:67            udp                    0:00:24
127.0.0.1:53698               127.0.0.1:11211               tcp     TIME_WAIT      0:00:51
127.0.0.1:53691               127.0.0.1:11211               tcp     TIME_WAIT      0:00:17
127.0.0.1:53690               127.0.0.1:11211               tcp     TIME_WAIT      0:00:16
127.0.0.1:53685               127.0.0.1:11211               tcp     TIME_WAIT      0:00:12
127.0.0.1:53696               127.0.0.1:11211               tcp     TIME_WAIT      0:00:23
127.0.0.1:53684               127.0.0.1:11211               tcp     TIME_WAIT      0:00:10
127.0.0.1:44017               127.0.0.1:199                 tcp     ESTABLISHED  119:58:56

オプション

Usage: iptstate [-dfhlLRst] [-b [d|p|s|t]] [-D <address>] [-S <address>] [-r <seconds>]
        b: Sort by
           d: Destination IP (or Name)
           p: Protocol
           s: State
           t: TTL
           (to sort by Source IP (or Name), don't use -b)

        d: Do not dynamically choose sizing, use default
        D: Only show states with a destination of the IP address given
        f: Filter loopback
        h: This help message
        l: Show hostnames instead of IP addresses
        L: Hide DNS lookups
        r: Refresh rate, followed by rate in seconds
           (for statetop, not applicable for -s)
        R: reverse sort order
        s: Single run (no curses)
        S: Only show states with a source of the IP address given
        t: Print totals

netstatよりもかなり便利に表示することができると思います。