List of IP Space used by Facebook

jigpe

To block facebook, use thier current IPs list as of 2013-01-01:

74.119.76.0/22 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.63.184.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.63.176.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.63.176.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.255.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.240.0/20 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.239.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
69.171.224.0/20 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
66.220.152.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
66.220.144.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.96.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.82.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.81.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.80.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.79.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.78.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.77.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.76.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.75.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.74.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.73.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.72.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.71.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.70.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.69.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.66.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.65.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.64.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.64.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
31.13.24.0/21 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
204.15.20.0/22 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
173.252.96.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
173.252.70.0/24 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
173.252.64.0/19 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
103.4.96.0/22 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC

Facebook IPv6 IPs:
2a03:2880:f006::/48 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
2a03:2880::/32 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
2620:0:1cff::/48 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC
2620:0:1c00::/40 2012-12-18 08:00:00 UTC 2013-01-01 08:00:00 UTC

Hope this help.

jigp

Supermule

NetRange:      173.252.64.0 - 173.252.127.255
CIDR:          173.252.64.0/18

Much easier….

jigpe

Thanks! But they have alot of IPs range.

jigpe

Latest IPs list as of January 8, 2013 6:48:02.01

IPV4 IPs:
route:      204.15.20.0/22
route:      69.63.176.0/20
route:      66.220.144.0/20
route:      66.220.144.0/21
route:      69.63.184.0/21
route:      69.63.176.0/21
route:      74.119.76.0/22
route:      69.171.255.0/24
route:      173.252.64.0/18
route:      69.171.224.0/19
route:      69.171.224.0/20
route:      103.4.96.0/22
route:      69.63.176.0/24
route:      173.252.64.0/19
route:      173.252.70.0/24
route:      31.13.64.0/18
route:      31.13.24.0/21
route:      66.220.152.0/21
route:      66.220.159.0/24
route:      69.171.239.0/24
route:      69.171.240.0/20
route:      31.13.64.0/19
route:      31.13.64.0/24
route:      31.13.65.0/24
route:      31.13.67.0/24
route:      31.13.68.0/24
route:      31.13.69.0/24
route:      31.13.70.0/24
route:      31.13.71.0/24
route:      31.13.72.0/24
route:      31.13.73.0/24
route:      31.13.74.0/24
route:      31.13.75.0/24
route:      31.13.76.0/24
route:      31.13.77.0/24
route:      31.13.96.0/19
route:      31.13.66.0/24
route:      173.252.96.0/19
route:      69.63.178.0/24
route:      31.13.78.0/24
route:      31.13.79.0/24
route:      31.13.80.0/24
route:      31.13.82.0/24
route:      31.13.83.0/24
route:      31.13.84.0/24
route:      31.13.85.0/24
route:      31.13.86.0/24
route:      31.13.87.0/24
route:      31.13.88.0/24
route:      31.13.89.0/24
route:      31.13.90.0/24
route:      31.13.91.0/24
route:      31.13.92.0/24
route:      31.13.93.0/24
route:      31.13.94.0/24
route:      31.13.95.0/24
route:      69.171.253.0/24
route:      69.63.186.0/24
route:      204.15.20.0/22
route:      69.63.176.0/20
route:      69.63.176.0/21
route:      69.63.184.0/21
route:      66.220.144.0/20
route:          69.63.176.0/20

IPV6 IPs:
route6:     2620:0:1c00::/40
route6:     2a03:2880::/32
route6:     2401:DB00::/32
route6:     2a03:2880:fffe::/48
route6:     2a03:2880:ffff::/48
route6:     2620:0:1cff::/48

Supermule

But if you block det main domain, then subdomains will also be blocked….

jimp

http://whois.arin.net/rest/org/THEFA-3/nets should always be up-to-date for ARIN at least. Not sure if the other organizations keep such handy links around…

francisuk22

@jimp:

http://whois.arin.net/rest/org/THEFA-3/nets should always be up-to-date for ARIN at least. Not sure if the other organizations keep such handy links around…

This is much better (i think)
http://bgp.he.net/AS32934#_prefixes

dhatz

I noticed that Facebook added several new IP ranges in the past 12 months.

While there are several ways to do filtering (e.g. url filtering with a proxy), there are a few websites (e.g. Facebook and Google for Gmail, GoogleApps) that practically every network administrator in the world will just have to deal with one way or another. Last year I posted a related feature request Maintain IP range tables for popular Internet sites.

IMHO it would be very convenient for many net admins (especially less experienced ones), if pfSense provided them an easy way to keep such aliases up-to-date (and if they were given a choice, I bet the majority would choose to have those files maintained on files.pfsense.org vs the full-bogons lists LOL)

jimp

It's an easy feature to suggest, but it's a lot of work for us to implement and even more to maintain. There are places like countryipblocks that keep lists and they charge now because they've found that doing it for free isn't feasible. Having to constantly research those sites every few days/weeks/months is not something that will be easy to automate, if it's even possible.

Sounds like something that could be added to pfBlocker if someone wanted to make the effort to maintain the lists.

dhatz

Jimp, I didn't mean that people should maintain these lists manually. When I first suggested that feature 1+ year ago, I had just quickly hacked together a shell script that would run on pfsense and would compile the IP ranges of Google using the recommended method (i.e. spf records) and load them as pf table. I'll search for the script and post it, if others are interested.

Unfortunately, as Ermal pointed out in the redmine ticket, this method isn't universal.

francisuk22

@jimp:

Sounds like something that could be added to pfBlocker if someone wanted to make the effort to maintain the lists.

see this thread http://forum.pfsense.org/index.php/topic,57386.0.html