Skip to content

Instantly share code, notes, and snippets.

Last active April 8, 2024 08:12
Show Gist options
  • Star 67 You must be signed in to star a gist
  • Fork 24 You must be signed in to fork a gist
  • Save Whitexp/9591384 to your computer and use it in GitHub Desktop.
Save Whitexp/9591384 to your computer and use it in GitHub Desktop.
facebook ip list
Copy link

mattkeenan commented Aug 13, 2016

On Linux if you have iptables and ipset installed you can put the contents of the above gist into a file (say /var/tmp/facebook-nets) and then you can do the following;

# ipset create block-facebook-nets hash:net
# for net in $(cat /var/tmp/facebook-nets) ; do ipset add block-facebook-nets $net ; done

NOTE: you may get warnings / errors that some of the nets are already included, you can ignore these types of errors

# iptables -A OUTPUT -m set --match-set block-facebook-ips dst -j REJECT

NOTE: this blocks all outbound traffic from your machine to facebook (i.e. your browser trying to load facebook pages or widgets / sharing tools)

# iptables -L OUTPUT -nv
Chain OUTPUT (policy ACCEPT 1212 packets, 145K bytes)
 pkts bytes target     prot opt in     out     source               destination
   0     0   REJECT    all  --  *      *              match-set block-facebook-ips dst reject-with icmp-port-unreachable

You can also block packets coming in from facebook's networks but this would almost never happen without an outbound connection first.

Copy link

kingofnull commented Jan 21, 2017

There is complete list of facebook ips in CIDR format :

Copy link

benmork commented Jun 30, 2017

Copy link

If you are like me and found this trying to filter out FB from Google Analytics this will do the trick.

Copy link

Corepany commented Oct 3, 2017

This do the trick (from stackoverflow)
whois -h -- '-i origin AS32934' | grep ^route

I tested, it also blocks instagram

Copy link

chuleva commented Oct 13, 2017

Please add to the list.

Copy link

@Corepany I wouldn't use that command as for some reason not all Facebook servers are returned through this :/. For example ( from the Facebook Ireland datacenter ) is not included in this. So any whitelist will be incorrect.

Copy link

tjeb commented Jul 11, 2018

@peterver Not sure whether it did back in February, but the whois output includes now, so at least is also covered. More importantly, that output also includes IPv6, which the list here sorely lacks.

Copy link

torking commented Oct 31, 2018

Copy link

you can try this in case you have windows

Copy link

moreaki commented Oct 4, 2021

No need for this at the moment, since FB is down anyway ;)

Copy link

This tool will find all sorts of network ranges owned by whichever company you want:

python3 -v -e 1 -4 Facebook

Copy link

Copy link

I Added some addresses from another source and aggregated them by mask.

Copy link equal
why then the ranges listed below?

Copy link

Gengiz commented Apr 8, 2023

May God's peace, mercy and blessings be upon you. After Mr. gist. Please download the latest version

Copy link

Thank you

Copy link

Whatsapp is also blocked, if you allow, and ip for whatsapp to work, this time it goes to the internet on facebook.

Copy link

EIKAInc commented Dec 18, 2023


Thanks for the list; it helped a lot.
But sadly, three nets from it overlap. Here is the list of lines that fail to add:
failure: already have such entry
failure: already have such entry
failure: already have such entry

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment