If you want to block Facebook in your network, you can use a proxy or simply block all of Facebook's IP ranges. Whois can help us find those ranges.
First of all, let's do a DNS lookup on "facebook.com":
dr@tardis:~$ host facebook.com
facebook.com has address 173.252.120.6
facebook.com has IPv6 address 2a03:2880:2130:cf05:face:b00c:0:1
facebook.com mail is handled by 10 msgin.vvv.facebook.com.
Now we can find out the origin AS via whois:
dr@tardis:~$ whois 173.252.120.6 | grep -i origin
OriginAS: AS32934
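Using this origin AS, we can finally ask whois (here the RADB routing registry) for the IP ranges:
#!/bin/bash
# Ask RADB for every route object originated by AS32934 and join the IPv4 prefixes with commas.
ROUTES=$(whois -h whois.radb.net -- '-i origin AS32934' | awk '/^route:/ {print $2}' | paste -sd, -)
# Print the list as a single variable assignment.
echo "FACEBOOK=\"$ROUTES\""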
Btw: the output of this script can be used directly as a variable in Shorewall.
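
The script above only matches "route:" lines, so the IPv6 prefixes ("route6:" objects) stay unblocked even though facebook.com also resolves to an IPv6 address. The following is an added example, not part of the original post: it parses RADB output from stdin, rejects malformed prefixes, removes duplicates and prints one variable per address family. The function name, the FACEBOOK6 variable name and the sample input are assumptions made for the example.

```bash
#!/bin/bash
# Added example: turn RADB whois output into firewall variables for IPv4 and IPv6.
# radb_to_params and FACEBOOK6 are hypothetical names, not from the original post.

radb_to_params() {
    # stdin: raw output of  whois -h whois.radb.net -- '-i origin AS32934'
    awk '
    function valid4(p,   a, o, i) {
        # Expect a.b.c.d/len with octets <= 255 and len <= 32.
        if (split(p, a, "/") != 2 || a[2] !~ /^[0-9]+$/ || a[2] > 32) return 0
        if (split(a[1], o, ".") != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] > 255) return 0
        return 1
    }
    function valid6(p,   a) {
        # Coarse check: hex digits and colons only, prefix length <= 128.
        if (split(p, a, "/") != 2 || a[2] !~ /^[0-9]+$/ || a[2] > 128) return 0
        return a[1] ~ /^[0-9A-Fa-f:]+$/ && a[1] ~ /:/
    }
    # Keep each valid prefix once, in the order it first appears.
    $1 == "route:"  && valid4($2) && !seen[$2]++ { v4 = v4 (v4 ? "," : "") $2 }
    $1 == "route6:" && valid6($2) && !seen[$2]++ { v6 = v6 (v6 ? "," : "") $2 }
    END {
        printf "FACEBOOK=\"%s\"\n", v4
        printf "FACEBOOK6=\"%s\"\n", v6   # IPv6 list, e.g. for Shorewall6
    }'
}

# Constructed sample input (documentation prefixes, not real Facebook routes):
# one duplicate, one invalid prefix length and one IPv6 object.
SAMPLE='route:      192.0.2.0/24
origin:     AS32934
route:      198.51.100.0/24
origin:     AS32934
route:      192.0.2.0/24
origin:     AS32934
route:      203.0.113.0/33
origin:     AS32934
route6:     2001:db8::/32
origin:     AS32934'

printf '%s\n' "$SAMPLE" | radb_to_params
```

Against the live registry, pipe the whois command from the script above into radb_to_params instead of the sample.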