# IPFW on Windows 7 x64



## rvarma (Jul 11, 2013)

I have 3 questions.

I installed IPPW + Dummynet on an x64 Windows 7 system.  ipfw.exe and ipfw.sys were digitally signed (required on Windows 7 x64 bit).  Then I ran a batch file with lines like:


```
ipfw pipe 3 config delay 15ms bw 1200Kbit/s
ipfw add pipe 3 ip from any to any
```

This worked fine for 2 weeks.  But after reboot,

I ran the batch file again but it does not limit bandwidth.
How do I make these rules to become effective again automatically, without having to run a batch file and bringing up a command console.
Is there a way to enable and get some kind of logging from dummynet/ipfw?

Would really appreciate if some can help me with these.

Thanks
Rama


----------



## wblock@ (Jul 11, 2013)

Let me be the first to say that I'm surprised to learn there is a Windows version of ipfw(4).  As FreeBSD users, there are probably not many people who can help you with that here.  Maybe the project that ported the software to Windows has a forum or mailing list?  They would be much better authorities on using that version of the software.

There are certainly people here who could describe how to set up a FreeBSD VM that would run ipfw(4) or one of the other native FreeBSD firewalls.


----------



## qsecofr (Jul 12, 2013)

I use pipes and queues to limit bandwidth.  My memory may be bad, but I have been under the impression that the two are used in conjunction, and that the order in which the commands are given made a difference. 


```
$ipfw -q add pipe 3 tcp from any to me ftp,http,https in
$ipfw -q add pipe 4 tcp from me 51151-51201,ftp\\-data,ftp,http,https to any out

$ipfw -q add queue 3 tcp from any to me ftp,http,https in
$ipfw -q add queue 4 tcp from me 51151-51201,ftp\\-data,ftp,http,https to any out

$ipfw -q queue 3 config pipe 3 weight 30 queue 5Kbytes
$ipfw -q queue 4 config pipe 4 weight 30 queue 5Kbytes

$ipfw -q pipe 3 config bw 200Kbits/s queue 10Kbytes
$ipfw -q pipe 4 config bw 450Kbits/s queue 10Kbytes
```

The man page doesn't suggest a logging config option, but individual rules specifying allow or deny can log.  I assume logging works in Windows too, but I have no idea to what file.  It's not really clear what data you seek from logging.


----------



## rvarma (Jul 15, 2013)

Thanks a lot for your input.


----------



## Pushrod (Jul 17, 2013)

You should be able to create a service that runs a batch file that does what you want.


----------



## rvarma (Jul 18, 2013)

*Thanks*

Thanks a lot for your input.


----------

