diff --git a/sysutils/pftop/Makefile b/sysutils/pftop/Makefile
--- a/sysutils/pftop/Makefile
+++ b/sysutils/pftop/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	pftop
 PORTVERSION=	0.8
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES=	sysutils net
 
 MAINTAINER=	grembo@FreeBSD.org
@@ -9,6 +9,11 @@
 
 LICENSE=	BSD2CLAUSE
 
+LIB_DEPENDS=   libpfctl.so:net/libpfctl
+
+CFLAGS+=	-I${LOCALBASE}/include/
+LDFLAGS+=	-L${LOCALBASE}/lib -lpfctl
+
 USE_GITHUB=	yes
 GH_ACCOUNT=	grembo
 
diff --git a/sysutils/pftop/files/extra-patch-sf-gencode.c b/sysutils/pftop/files/extra-patch-sf-gencode.c
--- a/sysutils/pftop/files/extra-patch-sf-gencode.c
+++ b/sysutils/pftop/files/extra-patch-sf-gencode.c
@@ -1,10 +1,30 @@
 $OpenBSD: patch-sf-gencode_c,v 1.1 2008/06/13 00:38:12 canacar Exp $
 --- sf-gencode.c.orig	Tue Nov  6 23:34:18 2007
 +++ sf-gencode.c	Wed Jun 11 19:50:10 2008
-@@ -474,9 +474,107 @@ gen_proto(int proto)
+@@ -458,25 +458,123 @@
+ gen_linktype(int proto)
+ {
+ 	if (proto == ETHERTYPE_IP)
+-		return (gen_cmp(offsetof(pf_state_t, af), BPF_B,
++		return (gen_cmp(offsetof(pf_state_t, key[PF_SK_WIRE].af), BPF_B,
+ 				(bpf_int32)AF_INET));
+ 	if (proto == ETHERTYPE_IPV6)
+-		return (gen_cmp(offsetof(pf_state_t, af), BPF_B,
++		return (gen_cmp(offsetof(pf_state_t, key[PF_SK_WIRE].af), BPF_B,
+ 				(bpf_int32)AF_INET6));
+ 	/* XXX just return false? */
+-	return gen_cmp(offsetof(pf_state_t, af), BPF_B, (bpf_int32)proto);
++	return gen_cmp(offsetof(pf_state_t, key[PF_SK_WIRE].af), BPF_B, (bpf_int32)proto);
+ }
+
+ static __inline struct block *
+ gen_proto(int proto)
+ {
+-	return (gen_cmp(offsetof(pf_state_t, proto), BPF_B,
++	return (gen_cmp(offsetof(pf_state_t, key[PF_SK_WIRE].proto), BPF_B,
  			(bpf_int32)proto));
  }
- 
+
 +#ifdef HAVE_PFSYNC_KEY
  static struct block *
  gen_hostop(bpf_u_int32 addr, bpf_u_int32 mask, int dir)
@@ -350,3 +370,25 @@
  
  static struct block *
  gen_port(int port, int ip_proto, int dir)
+@@ -1326,8 +1624,8 @@
+ 	hoff = -1;
+ #else
+ #ifdef HAVE_PFSYNC_STATE
+-	hoff = offsetof(pf_state_t, bytes[out ? 0:1][0]);
+-	loff = offsetof(pf_state_t, bytes[out ? 0:1][1]);
++	hoff = offsetof(pf_state_t, bytes[out ? 0:1]);
++	loff = -1;
+ #else
+ #ifdef HAVE_STATE_COUNT_64
+ #if _BYTE_ORDER == _LITTLE_ENDIAN
+@@ -1358,8 +1656,8 @@
+ 	hoff = -1;
+ #else
+ #ifdef HAVE_PFSYNC_STATE
+-	hoff = offsetof(pf_state_t, packets[out ? 0:1][0]);
+-	loff = offsetof(pf_state_t, packets[out ? 0:1][1]);
++	hoff = offsetof(pf_state_t, packets[out ? 0:1]);
++	loff = -1;
+ #else
+ #ifdef HAVE_STATE_COUNT_64
+ #if _BYTE_ORDER == _LITTLE_ENDIAN
diff --git a/sysutils/pftop/files/patch-config.h b/sysutils/pftop/files/patch-config.h
--- a/sysutils/pftop/files/patch-config.h
+++ b/sysutils/pftop/files/patch-config.h
@@ -1,6 +1,27 @@
 --- config.h.orig	2016-11-02 12:16:30 UTC
 +++ config.h
-@@ -42,7 +42,7 @@
+@@ -18,7 +18,20 @@
+ #ifndef _CONFIG_H_
+ #define _CONFIG_H_
+ 
++#include <stdbool.h>
++#include <unistd.h>
+ 
++#include <sys/counter.h>
++#include <sys/param.h>
++#include <sys/queue.h>
++
++#include <net/ethernet.h>
++#include <net/if.h>
++#include <net/pfvar.h>
++#include <netinet/in.h>
++
++#include <libpfctl.h>
++
+ #if OS_LEVEL > 30
+ #define HAVE_STATE_NOROUTE
+ #define HAVE_DEVICE_RO
+@@ -42,7 +55,7 @@
  #if OS_LEVEL > 32
  #define HAVE_ADDR_MASK
  #define HAVE_ADDR_TYPE
@@ -9,3 +30,25 @@
  #define HAVE_RULE_TOS
  #define HAVE_OP_RRG
  #endif
+@@ -81,17 +94,13 @@
+ 
+ #ifdef HAVE_PFSYNC_STATE
+ #if OS_LEVEL > 45
+-typedef struct pfsync_state_1301 pf_state_t;
++typedef struct pfctl_state pf_state_t;
+ #else
+-typedef struct pfsync_state pf_state_t;
++typedef struct pfctl_state pf_state_t;
+ #endif
+ typedef struct pfsync_state_host pf_state_host_t;
+-typedef struct pfsync_state_peer pf_state_peer_t;
+-#ifdef HAVE_NETWORK_ORDER
+-#define COUNTER(c) ((((u_int64_t) ntohl(c[0]))<<32) + ntohl(c[1]))
+-#else
+-#define COUNTER(c) ((((u_int64_t) c[0])<<32) + c[1])
+-#endif
++typedef struct pfctl_state_peer pf_state_peer_t;
++#define COUNTER(c) (c)
+ #define pfs_ifname ifname
+ #else
+ typedef struct pf_state pf_state_t;
diff --git a/sysutils/pftop/files/patch-pftop.c b/sysutils/pftop/files/patch-pftop.c
--- a/sysutils/pftop/files/patch-pftop.c
+++ b/sysutils/pftop/files/patch-pftop.c
@@ -1,5 +1,300 @@
 --- pftop.c.orig	2023-09-29 17:36:57 UTC
 +++ pftop.c
+@@ -63,6 +65,8 @@
+ #include <unistd.h>
+ #include <stdarg.h>
+ 
++#include <libpfctl.h>
++
+ #include "engine.h"
+ #include "cache.h"
+ #include "sf-gencode.h"
+@@ -417,10 +421,10 @@
+ sort_size_callback(const void *s1, const void *s2)
+ {
+ #ifdef HAVE_INOUT_COUNT
+-	u_int64_t b1 = COUNTER(state_buf[* (u_int32_t *) s1].bytes[0]) + 
+-		COUNTER(state_buf[* (u_int32_t *) s1].bytes[1]);
+-	u_int64_t b2 = COUNTER(state_buf[* (u_int32_t *) s2].bytes[0]) + 
+-		COUNTER(state_buf[* (u_int32_t *) s2].bytes[1]);
++	u_int64_t b1 = (state_buf[* (u_int32_t *) s1].bytes[0]) + 
++		(state_buf[* (u_int32_t *) s1].bytes[1]);
++	u_int64_t b2 = (state_buf[* (u_int32_t *) s2].bytes[0]) + 
++		(state_buf[* (u_int32_t *) s2].bytes[1]);
+ #else
+ 	u_int64_t b1 = COUNTER(state_buf[* (u_int32_t *) s1].bytes);
+ 	u_int64_t b2 = COUNTER(state_buf[* (u_int32_t *) s2].bytes);
+@@ -436,10 +440,10 @@
+ sort_pkt_callback(const void *s1, const void *s2)
+ {
+ #ifdef HAVE_INOUT_COUNT
+-	u_int64_t p1 = COUNTER(state_buf[* (u_int32_t *) s1].packets[0]) + 
+-		COUNTER(state_buf[* (u_int32_t *) s1].packets[1]);
+-	u_int64_t p2 = COUNTER(state_buf[* (u_int32_t *) s2].packets[0]) + 
+-		COUNTER(state_buf[* (u_int32_t *) s2].packets[1]);
++	u_int64_t p1 = (state_buf[* (u_int32_t *) s1].packets[0]) + 
++		(state_buf[* (u_int32_t *) s1].packets[1]);
++	u_int64_t p2 = (state_buf[* (u_int32_t *) s2].packets[0]) + 
++		(state_buf[* (u_int32_t *) s2].packets[1]);
+ #else
+ 	u_int64_t p1 = COUNTER(state_buf[* (u_int32_t *) s1].packets);
+ 	u_int64_t p2 = COUNTER(state_buf[* (u_int32_t *) s2].packets);
+@@ -557,12 +561,12 @@
+ 	u_int16_t pa, pb;
+ 	int af, ret, ii, io;
+ 
+-	af = s1->af;
++	af = s1->key[PF_SK_STACK].af;
+ 
+ 
+-	if (af > s2->af)
++	if (af > s2->key[PF_SK_STACK].af)
+ 		return sortdir;
+-	if (af < s2->af)
++	if (af < s2->key[PF_SK_STACK].af)
+ 		return -sortdir;
+ 	
+        	ii = io = 0;
+@@ -608,12 +612,12 @@
+ 	u_int16_t pa, pb;
+ 	int af, ret, ii, io;
+ 
+-	af = s1->af;
++	af = s1->key[PF_SK_STACK].af;
+ 
+ 
+-	if (af > s2->af)
++	if (af > s2->key[PF_SK_STACK].af)
+ 		return sortdir;
+-	if (af < s2->af)
++	if (af < s2->key[PF_SK_STACK].af)
+ 		return -sortdir;
+ 	
+        	ii = io = 0;
+@@ -816,32 +818,35 @@
+ int
+ read_states(void)
+ {
+-	struct pfioc_states ps;
++	struct pfctl_states ps = { };
++	pf_state_t *i, *d;
+ 	int n;
+
+-	for (;;) {
+-		int sbytes = state_buf_len * sizeof(pf_state_t);
+-
+-		ps.ps_len = sbytes;
+-		ps.ps_buf = (char *) state_buf;
+-
+-		if (ioctl(pf_dev, DIOCGETSTATES, &ps) < 0) {
++	if (pfctl_get_states(pf_dev, &ps)) {
+ 			msgprintf("Error Reading States (DIOCGETSTATES): %s",
+ 				    strerror(errno));
+ 			return (-1);
+-		}
+-		num_states_all = ps.ps_len / sizeof(pf_state_t);
++	}
+
+-		if (ps.ps_len < sbytes)
+-			break;
++	n = 0;
++	TAILQ_FOREACH(i, &ps.states, entry) {
++		n++;
++	}
+
+-		alloc_buf(num_states_all);
++	if ((state_buf_len * sizeof(pf_state_t)) < (sizeof(struct pfctl_state) * n))
++		alloc_buf(n);
++	num_states_all = n;
++
++	d = state_buf;
++	TAILQ_FOREACH(i, &ps.states, entry) {
++		memcpy(d, i, sizeof(*i));
++		d++;
+ 	}
+
+ 	if (dumpfilter) {
+ 		int fd = open("state.dmp", O_WRONLY|O_CREAT|O_EXCL, 0);
+ 		if (fd > 0) {
+-			write(fd, state_buf, ps.ps_len);
++			write(fd, state_buf, num_states_all * sizeof(pf_state_t));
+ 			close(fd);
+ 		}
+ 	}
+@@ -778,7 +778,7 @@
+ int
+ print_header(void)
+ {
+-	struct pf_status status;
++	struct pfctl_status *status;
+ 	struct tm *tp;
+ 	time_t t;
+ 	order_type *ordering;
+@@ -786,7 +786,7 @@
+ 	int start = dispstart + 1;
+ 	int end = dispstart + maxprint;
+ 
+-	if (ioctl(pf_dev, DIOCGETSTATUS, &status)) {
++	if ((status = pfctl_get_status(pf_dev)) == NULL) {
+ 		msgprintf("Error Reading status (DIOCGETSTATUS): %s", strerror(errno));
+ 		return (-1);
+ 	}
+@@ -797,7 +797,7 @@
+ 	tb_start();
+ 	tbprintf("pfTop: ");
+ 
+-	tbprintf(status.running ? "Up" : "Down");
++	tbprintf(status->running ? "Up" : "Down");
+ 
+ 	tbprintf(" %s", curr_mgr ? curr_mgr->name : "???");
+ 
+@@ -848,6 +848,8 @@
+ 
+ 	tb_end();
+ 
++	pfctl_free_status(status);
++
+ 	return (1);
+ }
+ 
+@@ -988,8 +1005,8 @@
+ }
+ #ifdef HAVE_PFSYNC_KEY
+ void
+-print_fld_host2(field_def *fld, struct pfsync_state_key *ks,
+-		struct pfsync_state_key *kn, int idx, int af)
++print_fld_host2(field_def *fld, struct pfctl_state_key *ks,
++		struct pfctl_state_key *kn, int idx, int af)
+ {
+ 	struct pf_addr *as = &ks->addr[idx];
+ 	struct pf_addr *an = &kn->addr[idx];
+@@ -1112,37 +1116,37 @@
+ 		dst = &s->src;
+ 	}
+
+-	p = getprotobynumber(s->proto);
++	p = getprotobynumber(s->key[PF_SK_WIRE].proto);
+
+ 	if (p != NULL)
+ 		print_fld_str(FLD_PROTO, p->p_name);
+ 	else
+-		print_fld_uint(FLD_PROTO, s->proto);
++		print_fld_uint(FLD_PROTO, s->key[PF_SK_WIRE].proto);
+
+ #ifdef HAVE_PFSYNC_KEY
+ 	if (s->direction == PF_OUT) {
+ 		print_fld_host2(FLD_SRC, &s->key[PF_SK_WIRE],
+-		    &s->key[PF_SK_STACK], 1, s->af);
++		    &s->key[PF_SK_STACK], 1, s->key[PF_SK_WIRE].af);
+ 		print_fld_host2(FLD_DEST, &s->key[PF_SK_WIRE],
+-		    &s->key[PF_SK_STACK], 0, s->af);
++		    &s->key[PF_SK_STACK], 0, s->key[PF_SK_WIRE].af);
+ 	} else {
+ 		print_fld_host2(FLD_SRC, &s->key[PF_SK_STACK],
+-		    &s->key[PF_SK_WIRE], 0, s->af);
++		    &s->key[PF_SK_WIRE], 0, s->key[PF_SK_STACK].af);
+ 		print_fld_host2(FLD_DEST, &s->key[PF_SK_STACK],
+-		    &s->key[PF_SK_WIRE], 1, s->af);
++		    &s->key[PF_SK_WIRE], 1, s->key[PF_SK_STACK].af);
+ 	}
+ #else
+ 	if (s->direction == PF_OUT) {
+-		print_fld_host(FLD_SRC, &s->lan, s->af);
+-		print_fld_host(FLD_DEST, &s->ext, s->af);
++		print_fld_host(FLD_SRC, &s->lan, s->key[PF_SK_WIRE].af);
++		print_fld_host(FLD_DEST, &s->ext, s->key[PF_SK_WIRE].af);
+ 	} else {
+-		print_fld_host(FLD_SRC, &s->ext, s->af);
+-		print_fld_host(FLD_DEST, &s->lan, s->af);
++		print_fld_host(FLD_SRC, &s->ext, s->key[PF_SK_WIRE].af);
++		print_fld_host(FLD_DEST, &s->lan, s->key[PF_SK_WIRE].af);
+ 	}
+
+-	if (PF_ANEQ(&s->lan.addr, &s->gwy.addr, s->af) ||
++	if (PF_ANEQ(&s->lan.addr, &s->gwy.addr, s->key[PF_SK_WIRE].af) ||
+ 	    (s->lan.port != s->gwy.port)) {
+-		print_fld_host(FLD_GW, &s->gwy, s->af);
++		print_fld_host(FLD_GW, &s->gwy, s->key[PF_SK_WIRE].af);
+ 	}
+ #endif
+
+@@ -1151,7 +1155,7 @@
+ 	else
+ 		print_fld_str(FLD_DIR, "In");
+
+-	print_fld_state(FLD_STATE, s->proto, src->state, dst->state);
++	print_fld_state(FLD_STATE, s->key[PF_SK_WIRE].proto, src->state, dst->state);
+ 	print_fld_age(FLD_AGE, PF_TSTAMP(s->creation));
+ 	print_fld_age(FLD_EXP, PF_TSTAMP(s->expire));
+ #ifdef HAVE_INOUT_COUNT
+@@ -1029,7 +1029,7 @@
+
+ /* rule display */
+
+-struct pf_rule *rules = NULL;
++struct pfctl_rule *rules = NULL;
+ u_int32_t alloc_rules = 0;
+
+ int
+@@ -1069,6 +1071,7 @@
+ read_anchor_rules(char *anchor)
+ {
+ 	struct pfioc_rule pr;
++	struct pfctl_rule rule;
+ 	u_int32_t nr, num, off;
+ 
+ 	memset(&pr, 0, sizeof(pr));
+@@ -1086,8 +1089,7 @@
+ 	add_rule_alloc(num);
+ 
+ 	for (nr = 0; nr < num; ++nr) {
+-		pr.nr = nr;
+-		if (ioctl(pf_dev, DIOCGETRULE, &pr)) {
++		if (pfctl_get_rule(pf_dev, nr, pr.ticket, anchor, pr.action, &rule, pr.anchor_call)) {
+ 			msgprintf("Error Reading Rule (DIOCGETRULE): %s",
+ 				  strerror(errno));
+ 			return (-1);
+@@ -1095,7 +1097,7 @@
+ #ifdef HAVE_RULESETS
+ 		/* XXX overload pr.anchor, to store a pointer to
+ 		 * anchor name */
+-		pr.rule.anchor = (struct pf_anchor *) anchor;
++		rule.anchor = (struct pfctl_anchor *) anchor;
+ #endif
+ #ifdef HAVE_RULE_LABELS
+ 		{
+@@ -1277,7 +1281,7 @@
+ 				label_length = len;
+ 		}
+ #endif
+-		rules[off + nr] = pr.rule;
++		rules[off + nr] = rule;
+ 	}
+
+ 	return (num);
+@@ -1633,7 +1632,7 @@
+ }
+ 
+ void
+-print_rule(struct pf_rule *pr)
++print_rule(struct pfctl_rule *pr)
+ {
+ 	static const char *actiontypes[] = { "Pass", "Block", "Scrub", "Nat",
+ 	    "no Nat", "Binat", "no Binat", "Rdr", "no Rdr" };
+@@ -1645,11 +1649,11 @@
+ 	if (pr == NULL) return;
+
+ #ifdef HAVE_RULE_LABELS
+-	print_fld_str(FLD_LABEL, pr->label);
++	print_fld_str(FLD_LABEL, pr->label[0]);
+ #endif
+ #ifdef HAVE_RULE_STATES
+ #ifdef HAVE_PFSYNC_KEY
+-	print_fld_size(FLD_STATS, pr->u_states_tot);
++	print_fld_size(FLD_STATS, pr->states_tot);
+ #else
+ 	print_fld_size(FLD_STATS, pr->states);
+ #endif
 @@ -1663,7 +1663,13 @@ print_rule(struct pf_rule *pr)
  	print_fld_size(FLD_BYTES, pr->bytes);
  #endif
@@ -41,3 +336,31 @@
  			pq.nr = nr;
  			pq.ticket = pa.ticket;
  			pq.buf = &qstats;
+@@ -2413,7 +2453,7 @@
+ 	extern char *optarg;
+ 	extern int optind;
+ 
+-	struct pf_status status;
++	struct pfctl_status *status = NULL;
+ 
+ 	char *orderstr = NULL;
+ 	char *viewstr = NULL;
+@@ -2526,11 +2573,15 @@
+ 		err(1, "open(\"/dev/pf\")");
+ 
+ 	/* preallocate existing states if possible */
+-	if (ioctl(pf_dev, DIOCGETSTATUS, &status)) {
++	if ((status = pfctl_get_status(pf_dev)) == NULL) {
+ 		warn("DIOCGETSTATUS");
+ 		alloc_buf(0);
+-	} else
+-		alloc_buf(status.states);
++	} else {
++		alloc_buf(status->states);
++		pfctl_free_status(status);
++		status = NULL;
++	}
++
+ 
+ 	setup_term(maxstates);
+