How to deny access of facebook

  • Hi ,does any one knows how to deny access of facebook , I can't figure out where is the configuration :'(
    Any suggestion will be appreciated :)

  • Install pfBlockerNG, then set up a block rule with something like:


  • Alternately, install Squid/Squidguard or Squid/Dansguardian and set up a block rule there.

  • I haven't tried it, but off the top of my head you could add a DNS override for to resolve to or something like that.

  • Banned

    ..somethink like in the hosts file? Don't think this is easily done, or? An then they enter the IP and you'r lost again ;-)

  • I block by Rule using alias with all Facebook address.
    I create the list using the AS Number.

    You can get this list using whois:
    whois -h – '-i origin AS32934' | grep ^route

    Before you could create a alias with this address an block the alias by Rule.


    <address> 2620:0:1c00::/40 2a03:2880::/32 2401:DB00::/32 2a03:2880:fffe::/48 2a03:2880:ffff::/48 2620:0:1cff::/48 2a03:2880:f000::/48 2a03:2880:f001::/48 2a03:2880:f002::/48 2a03:2880:f003::/48 2a03:2880:f004::/48 2a03:2880:f005::/48 2a03:2880:f006::/48 2a03:2880:f007::/48 2a03:2880:f008::/48 2a03:2880:f009::/48 2a03:2880:f00a::/48 2a03:2880:f00b::/48 2a03:2880:f00c::/48 2a03:2880:f00d::/48 2a03:2880:f00e::/48 2a03:2880:f00f::/48 2a03:2880:f010::/48 2a03:2880:f011::/48 2a03:2880:f012::/48 2a03:2880:f013::/48 2a03:2880:f014::/48 2a03:2880:f015::/48 2a03:2880:f016::/48 2a03:2880:f017::/48 2a03:2880:f018::/48 2a03:2880:f019::/48 2a03:2880:f01a::/48 2a03:2880:f01b::/48 2a03:2880:f01c::/48 2a03:2880:f01d::/48 2a03:2880:f01e::/48 2a03:2880:f01f::/48 2a03:2880:0000::/36 2a03:2880:1000::/36 2a03:2880:2000::/36 2a03:2880:3000::/36 2a03:2880:4000::/36 2a03:2880:5000::/36 2a03:2880:6000::/36 2a03:2880:7000::/36</address>


  • Moderator

    You can actually do both… In Unbound or dnsmasq, create a Domain override. Also use pfBlockerNG to download the most recent IPs automatically daily/weekly as required. Hurricane Electric is a great source to collect IPs for almost any site.

Log in to reply