How to find out IP-Ranges of, lets say Facebook..

28 January 2015

If you want to block Facebook in your network, you can use a proxy or simply block all the Ip-Ranges of Facebook. Whois can help us to find the Ip-Ranges.

First of all, let’s do a dns-lookup on “”:

dr@tardis:~$ host has address has IPv6 address 2a03:2880:2130:cf05:face:b00c:0:1 mail is handled by 10

Now we can find out the origin via whois:

dr@tardis:~$ whois | grep -i origin
OriginAS: AS32934

Using this Origin, we can finally ask whois for the Ip-ranges:


IF=`whois -h -- '-i origin AS32934' | grep ^route: | awk '{print $2}'`

echo FACEBOOK=\"$IF\" | perl -pe 's/ /,/g'

Btw: the output of this script can directly be used for a variable in shorewall..

[ Linux  Sysadmin  Network  ]
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti