I'm pretty sure you'll find that most sites try to switch to HTTPS for login information, so that people sniffing on the wire aren't capturing usernames and passwords. Think about it... would you log into a site that was plain text auth?

That being said, some websites are still plain text submission (unfortunately); however, there are specialized tools so that you don't have to scour programs like tcpdump for the information... dsniff and ettercap both have password capturing tools. You may also be interested in the concept of Sidejacking. The guys from ErrataSec released a tool for SideJacking at BlackHat last year.

That being said, if you're looking to play and do, as you said, own the firewall... which would be inline to your network traffic, there's no reason why you couldn't play with your firewall to do some easy MitM of your SSL traffic.