pfsync

Use a physically separate net (crossover cable, separate VLAN)

$ sudo ifconfig pfsync0 syncpeer 10.0.12.16 syncdev ep2