List of IP Space used by Facebook
-
To block facebook, use thier current IPs list as of 2013-01-01:
74.119.76.0/22 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.63.184.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.63.176.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.63.176.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.255.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.240.0/20 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.239.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.224.0/20 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
66.220.152.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
66.220.144.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.96.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.82.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.81.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.80.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.79.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.78.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.77.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.76.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.75.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.74.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.73.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.72.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.71.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.70.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.69.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.66.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.65.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.64.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.64.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.24.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
204.15.20.0/22 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
173.252.96.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
173.252.70.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
173.252.64.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
103.4.96.0/22 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTCFacebook IPv6 IPs:
2a03:2880:f006::/48 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
2a03:2880::/32 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
2620:0:1cff::/48 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
2620:0:1c00::/40 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTCHope this help.
jigp
-
NetRange: 173.252.64.0 - 173.252.127.255
CIDR: 173.252.64.0/18Much easier….
-
Thanks! But they have alot of IPs range.
-
Latest IPs list as of January 8, 2013 6:48:02.01
IPV4 IPs:
route: 204.15.20.0/22
route: 69.63.176.0/20
route: 66.220.144.0/20
route: 66.220.144.0/21
route: 69.63.184.0/21
route: 69.63.176.0/21
route: 74.119.76.0/22
route: 69.171.255.0/24
route: 173.252.64.0/18
route: 69.171.224.0/19
route: 69.171.224.0/20
route: 103.4.96.0/22
route: 69.63.176.0/24
route: 173.252.64.0/19
route: 173.252.70.0/24
route: 31.13.64.0/18
route: 31.13.24.0/21
route: 66.220.152.0/21
route: 66.220.159.0/24
route: 69.171.239.0/24
route: 69.171.240.0/20
route: 31.13.64.0/19
route: 31.13.64.0/24
route: 31.13.65.0/24
route: 31.13.67.0/24
route: 31.13.68.0/24
route: 31.13.69.0/24
route: 31.13.70.0/24
route: 31.13.71.0/24
route: 31.13.72.0/24
route: 31.13.73.0/24
route: 31.13.74.0/24
route: 31.13.75.0/24
route: 31.13.76.0/24
route: 31.13.77.0/24
route: 31.13.96.0/19
route: 31.13.66.0/24
route: 173.252.96.0/19
route: 69.63.178.0/24
route: 31.13.78.0/24
route: 31.13.79.0/24
route: 31.13.80.0/24
route: 31.13.82.0/24
route: 31.13.83.0/24
route: 31.13.84.0/24
route: 31.13.85.0/24
route: 31.13.86.0/24
route: 31.13.87.0/24
route: 31.13.88.0/24
route: 31.13.89.0/24
route: 31.13.90.0/24
route: 31.13.91.0/24
route: 31.13.92.0/24
route: 31.13.93.0/24
route: 31.13.94.0/24
route: 31.13.95.0/24
route: 69.171.253.0/24
route: 69.63.186.0/24
route: 204.15.20.0/22
route: 69.63.176.0/20
route: 69.63.176.0/21
route: 69.63.184.0/21
route: 66.220.144.0/20
route: 69.63.176.0/20IPV6 IPs:
route6: 2620:0:1c00::/40
route6: 2a03:2880::/32
route6: 2401:DB00::/32
route6: 2a03:2880:fffe::/48
route6: 2a03:2880:ffff::/48
route6: 2620:0:1cff::/48 -
But if you block det main domain, then subdomains will also be blocked….
-
http://whois.arin.net/rest/org/THEFA-3/nets should always be up-to-date for ARIN at least. Not sure if the other organizations keep such handy links around…
-
http://whois.arin.net/rest/org/THEFA-3/nets should always be up-to-date for ARIN at least. Not sure if the other organizations keep such handy links around…
This is much better (i think)
http://bgp.he.net/AS32934#_prefixes -
I noticed that Facebook added several new IP ranges in the past 12 months.
While there are several ways to do filtering (e.g. url filtering with a proxy), there are a few websites (e.g. Facebook and Google for Gmail, GoogleApps) that practically every network administrator in the world will just have to deal with one way or another. Last year I posted a related feature request Maintain IP range tables for popular Internet sites.
IMHO it would be very convenient for many net admins (especially less experienced ones), if pfSense provided them an easy way to keep such aliases up-to-date (and if they were given a choice, I bet the majority would choose to have those files maintained on files.pfsense.org vs the full-bogons lists LOL)
-
It's an easy feature to suggest, but it's a lot of work for us to implement and even more to maintain. There are places like countryipblocks that keep lists and they charge now because they've found that doing it for free isn't feasible. Having to constantly research those sites every few days/weeks/months is not something that will be easy to automate, if it's even possible.
Sounds like something that could be added to pfBlocker if someone wanted to make the effort to maintain the lists.
-
Jimp, I didn't mean that people should maintain these lists manually. When I first suggested that feature 1+ year ago, I had just quickly hacked together a shell script that would run on pfsense and would compile the IP ranges of Google using the recommended method (i.e. spf records) and load them as pf table. I'll search for the script and post it, if others are interested.
Unfortunately, as Ermal pointed out in the redmine ticket, this method isn't universal.
-
Sounds like something that could be added to pfBlocker if someone wanted to make the effort to maintain the lists.
see this thread http://forum.pfsense.org/index.php/topic,57386.0.html