Skip to content

Instantly share code, notes, and snippets.

@Whitexp
Last active September 23, 2024 17:42
Show Gist options
  • Save Whitexp/9591384 to your computer and use it in GitHub Desktop.
Save Whitexp/9591384 to your computer and use it in GitHub Desktop.
facebook ip list
31.13.24.0/21
31.13.64.0/19
31.13.64.0/24
31.13.69.0/24
31.13.70.0/24
31.13.71.0/24
31.13.72.0/24
31.13.73.0/24
31.13.75.0/24
31.13.76.0/24
31.13.77.0/24
31.13.78.0/24
31.13.79.0/24
31.13.80.0/24
66.220.144.0/20
66.220.144.0/21
66.220.149.11/16
66.220.152.0/21
66.220.158.11/16
66.220.159.0/24
69.63.176.0/21
69.63.176.0/24
69.63.184.0/21
69.171.224.0/19
69.171.224.0/20
69.171.224.37/16
69.171.229.11/16
69.171.239.0/24
69.171.240.0/20
69.171.242.11/16
69.171.255.0/24
74.119.76.0/22
173.252.64.0/19
173.252.70.0/24
173.252.96.0/19
204.15.20.0/22
@mattkeenan
Copy link

mattkeenan commented Aug 13, 2016

On Linux if you have iptables and ipset installed you can put the contents of the above gist into a file (say /var/tmp/facebook-nets) and then you can do the following;

# ipset create block-facebook-nets hash:net
# for net in $(cat /var/tmp/facebook-nets) ; do ipset add block-facebook-nets $net ; done

NOTE: you may get warnings / errors that some of the nets are already included, you can ignore these types of errors

# iptables -A OUTPUT -m set --match-set block-facebook-ips dst -j REJECT

NOTE: this blocks all outbound traffic from your machine to facebook (i.e. your browser trying to load facebook pages or widgets / sharing tools)

# iptables -L OUTPUT -nv
Chain OUTPUT (policy ACCEPT 1212 packets, 145K bytes)
 pkts bytes target     prot opt in     out     source               destination
   0     0   REJECT    all  --  *      *       0.0.0.0/0            0.0.0.0/0            match-set block-facebook-ips dst reject-with icmp-port-unreachable

You can also block packets coming in from facebook's networks but this would almost never happen without an outbound connection first.

@kingofnull
Copy link

kingofnull commented Jan 21, 2017

There is complete list of facebook ips in CIDR format :
http://ipinfo.io/AS32934

@benmork
Copy link

benmork commented Jun 30, 2017

@mweber-ak
Copy link

If you are like me and found this trying to filter out FB from Google Analytics this will do the trick.

https://gist.github.com/weber93/2decc1b2f255978dd66e7598f8553327

@Corepany
Copy link

Corepany commented Oct 3, 2017

This do the trick (from stackoverflow)
whois -h whois.radb.net -- '-i origin AS32934' | grep ^route

I tested, it also blocks instagram

@chuleva
Copy link

chuleva commented Oct 13, 2017

Please add 31.13.114.65/24 to the list.

@peterver
Copy link

@Corepany I wouldn't use that command as for some reason not all Facebook servers are returned through this :/. For example 31.13.113.90 ( from the Facebook Ireland datacenter ) is not included in this. So any whitelist will be incorrect.

@tjeb
Copy link

tjeb commented Jul 11, 2018

@peterver Not sure whether it did back in February, but the whois output includes 31.13.96.0/19 now, so at least 31.13.113.90 is also covered. More importantly, that output also includes IPv6, which the list here sorely lacks.

@torking
Copy link

torking commented Oct 31, 2018

31.13.114.65/24

@workingj
Copy link

you can try this in case you have windows
block_facebook

@moreaki
Copy link

moreaki commented Oct 4, 2021

No need for this at the moment, since FB is down anyway ;)

@wankdanker
Copy link

This tool will find all sorts of network ranges owned by whichever company you want: https://github.com/NetSPI/NetblockTool

python3 NetblockTool.py -v -e 1 -4 Facebook

@Ahmedabap
Copy link

@nbaranov
Copy link

I Added some addresses from another source and aggregated them by mask.

31.13.24.0/21
31.13.64.0/18
45.64.40.0/22
66.220.0.0/16
69.63.176.0/20
69.171.0.0/16
74.119.76.0/22
102.132.96.0/20
103.4.96.0/22
129.134.0.0/16
147.75.208.0/20
157.240.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
185.89.216.0/22
204.15.20.0/22

@NikolayBuslaev
Copy link

31.13.64.0/19 equal 31.13.64.0-31.13.64.0-31.13.95.254
why then the ranges listed below?
31.13.64.0/24
31.13.69.0/24
31.13.70.0/24
31.13.71.0/24
31.13.72.0/24
31.13.73.0/24
31.13.75.0/24
31.13.76.0/24
31.13.77.0/24
31.13.78.0/24
31.13.79.0/24

@Gengiz
Copy link

Gengiz commented Apr 8, 2023

May God's peace, mercy and blessings be upon you. After Mr. gist. Please download the latest version

@Mesut-art
Copy link

Thank you

@Mesut-art
Copy link

Whatsapp is also blocked, if you allow 185.60.218.53, 157.240.238.61 and 85.153.0.0/16 ip for whatsapp to work, this time it goes to the internet on facebook.

@EIKAInc
Copy link

EIKAInc commented Dec 18, 2023

Hi!

Thanks for the list; it helped a lot.
But sadly, three nets from it overlap. Here is the list of lines that fail to add:

66.220.158.11/16
failure: already have such entry

69.171.229.11/16
failure: already have such entry

69.171.242.11/16
failure: already have such entry

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment