-
-
Save Whitexp/9591384 to your computer and use it in GitHub Desktop.
31.13.24.0/21 | |
31.13.64.0/19 | |
31.13.64.0/24 | |
31.13.69.0/24 | |
31.13.70.0/24 | |
31.13.71.0/24 | |
31.13.72.0/24 | |
31.13.73.0/24 | |
31.13.75.0/24 | |
31.13.76.0/24 | |
31.13.77.0/24 | |
31.13.78.0/24 | |
31.13.79.0/24 | |
31.13.80.0/24 | |
66.220.144.0/20 | |
66.220.144.0/21 | |
66.220.149.11/16 | |
66.220.152.0/21 | |
66.220.158.11/16 | |
66.220.159.0/24 | |
69.63.176.0/21 | |
69.63.176.0/24 | |
69.63.184.0/21 | |
69.171.224.0/19 | |
69.171.224.0/20 | |
69.171.224.37/16 | |
69.171.229.11/16 | |
69.171.239.0/24 | |
69.171.240.0/20 | |
69.171.242.11/16 | |
69.171.255.0/24 | |
74.119.76.0/22 | |
173.252.64.0/19 | |
173.252.70.0/24 | |
173.252.96.0/19 | |
204.15.20.0/22 |
There is complete list of facebook ips in CIDR format :
http://ipinfo.io/AS32934
If you are like me and found this trying to filter out FB from Google Analytics this will do the trick.
https://gist.github.com/weber93/2decc1b2f255978dd66e7598f8553327
This do the trick (from stackoverflow)
whois -h whois.radb.net -- '-i origin AS32934' | grep ^route
I tested, it also blocks instagram
Please add 31.13.114.65/24 to the list.
@Corepany I wouldn't use that command as for some reason not all Facebook servers are returned through this :/. For example 31.13.113.90 ( from the Facebook Ireland datacenter ) is not included in this. So any whitelist will be incorrect.
@peterver Not sure whether it did back in February, but the whois output includes 31.13.96.0/19 now, so at least 31.13.113.90 is also covered. More importantly, that output also includes IPv6, which the list here sorely lacks.
31.13.114.65/24
you can try this in case you have windows
block_facebook
No need for this at the moment, since FB is down anyway ;)
This tool will find all sorts of network ranges owned by whichever company you want: https://github.com/NetSPI/NetblockTool
python3 NetblockTool.py -v -e 1 -4 Facebook
I Added some addresses from another source and aggregated them by mask.
31.13.24.0/21
31.13.64.0/18
45.64.40.0/22
66.220.0.0/16
69.63.176.0/20
69.171.0.0/16
74.119.76.0/22
102.132.96.0/20
103.4.96.0/22
129.134.0.0/16
147.75.208.0/20
157.240.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
185.89.216.0/22
204.15.20.0/22
31.13.64.0/19 equal 31.13.64.0-31.13.64.0-31.13.95.254
why then the ranges listed below?
31.13.64.0/24
31.13.69.0/24
31.13.70.0/24
31.13.71.0/24
31.13.72.0/24
31.13.73.0/24
31.13.75.0/24
31.13.76.0/24
31.13.77.0/24
31.13.78.0/24
31.13.79.0/24
May God's peace, mercy and blessings be upon you. After Mr. gist. Please download the latest version
Thank you
Whatsapp is also blocked, if you allow 185.60.218.53, 157.240.238.61 and 85.153.0.0/16 ip for whatsapp to work, this time it goes to the internet on facebook.
Hi!
Thanks for the list; it helped a lot.
But sadly, three nets from it overlap. Here is the list of lines that fail to add:
66.220.158.11/16
failure: already have such entry
69.171.229.11/16
failure: already have such entry
69.171.242.11/16
failure: already have such entry
On Linux if you have iptables and ipset installed you can put the contents of the above gist into a file (say /var/tmp/facebook-nets) and then you can do the following;
NOTE: you may get warnings / errors that some of the nets are already included, you can ignore these types of errors
# iptables -A OUTPUT -m set --match-set block-facebook-ips dst -j REJECT
NOTE: this blocks all outbound traffic from your machine to facebook (i.e. your browser trying to load facebook pages or widgets / sharing tools)
You can also block packets coming in from facebook's networks but this would almost never happen without an outbound connection first.