A guide to block
Facebook, Twitter, and TikTok
from your Linux machine
Facebook (now Meta) has eyes everywhere on the
Internet. It spies on everyone, sells data to advertisers and
governments violating your privacy and basic civil freedoms and
rights.
It does not only spy on you if you have an account. It also spies on you through irrelevant sites by planting cookies to your machine through several mechanisms. Even simple buttons on a news site send data to Facebook.
Facebook knows you *better* than your friends and family.
With the following guide you completely block Facebook from accessing your machine. Both IN and OUT traffic to/from Facebook is blocked.
Of course it does not help if your friends give information to Facebook about you. But in any case it is better than nothing.
It does not only spy on you if you have an account. It also spies on you through irrelevant sites by planting cookies to your machine through several mechanisms. Even simple buttons on a news site send data to Facebook.
Facebook knows you *better* than your friends and family.
With the following guide you completely block Facebook from accessing your machine. Both IN and OUT traffic to/from Facebook is blocked.
Of course it does not help if your friends give information to Facebook about you. But in any case it is better than nothing.
Quick setup
1. Install whois (Ubuntu: sudo apt-get install whois ArchLinux: pacman -S whois), and (similarly) awk
2. Copy this script blockfacebook and allowfacebook as root in /usr/local/bin and make sure it is executable
sudo cp blockfacebook /usr/local/bin/
sudo cp allowfacebook /usr/local/bin/
sudo chmod +x /usr/local/bin/blockfacebook
sudo chmod +x /usr/local/bin/allowfacebook
3. Copy blockfacebook.service in /etc/systemd/system/ and make it executable
sudo cp blockfacebook.service /etc/systemd/system/
chmod +x /etc/systemd/system/blockfacebook.service
4. Copy blockfacebookrestart in /etc/cron.daily/ and make it executable
sudo cp blockfacebookrestart /etc/cron.daily/
chmod +x /etc/cron.daily/blockfacebookrestart
5. Enable and start the service
sudo systemctl enable blockfacebook
sudo systemctl start blockfacebook
If you want for some reason to unblock temporarily the access to Facebook then execute
sudo /usr/local/bin/allowfacebook
See below for Twitter and TikTok.
Explanations
Facebook and all big companies use a lot of
addresses and IPs. So how do you find them in order to block
them? Each company has an AS
number. All IPs are bind to the same AS number. This
number for Facebook is AS32934. So if you get the AS number you
can now find all the IPs assigned to the company and then block
them with standard firewall tools.
Assume you want to block Facebook. First get an IP in their block:
This will return at least one IP. For example, among other things, I got:
Now we find the AS number that this IP belongs to:
Among other things we read:
The script blockfacebook given above has just two lines that it executes and these are:
and for IP6
The whois command asks whois.radb.net to get all IPs assigned to origin AS32934; i.e., all Facebook IPs. Then the grep command filters out only the lines that contain the IPs and the awk command filters just the IPs. For each of them sed prepares a firewall iptables command to block traffic to that IP. The last source command executes them one by one.
The script allowfacebook does the opposite and disables the block.
Then we have two more files, the blockfacebook.service and the blockfacebookrestart for the cron service. The first one guarantees that the blocking script will be executed every time you reboot. The cron script placed in /etc/cron.daily/ guarantees that the blocking script is executed at least once per day to catch IPs that Facebook may have added to it's IP-block during the day.
Small companies do not have their own AS number necessarily. Many rent IP blocks from larger companies, so if you block all the IPs associated with the AS number you will block more than the target company. But Facebook and other large companies have their own AS number. So their strength becomes their Achilles' heel and it is turned against them with the above method.
So if you want to block a small company first check that they own the AS number. You can check this from the output of
A. Tsolomitis
Created Dec 6, 2022.
Assume you want to block Facebook. First get an IP in their block:
nslookup www.facebook.com
This will return at least one IP. For example, among other things, I got:
Address: 31.13.84.36
Now we find the AS number that this IP belongs to:
whois -h whois.radb.net 31.13.84.36
Among other things we read:
origin: AS32934Now we got the AS number of this company.
The script blockfacebook given above has just two lines that it executes and these are:
/usr/bin/whois -h "whois.radb.net" -- '-i origin AS32934' | grep -E "^route:" | awk '{print $NF}' | sed -r 's/(.*)/iptables -I OUTPUT -d \1 -j REJECT/' | source /dev/stdin
and for IP6
/usr/bin/whois -h "whois.radb.net" -- '-i origin AS32934' | grep -E "^route6:" | awk '{print $NF}' | sed -r 's/(.*)/ip6tables -I OUTPUT -d \1 -j REJECT/' | source /dev/stdin
The whois command asks whois.radb.net to get all IPs assigned to origin AS32934; i.e., all Facebook IPs. Then the grep command filters out only the lines that contain the IPs and the awk command filters just the IPs. For each of them sed prepares a firewall iptables command to block traffic to that IP. The last source command executes them one by one.
The script allowfacebook does the opposite and disables the block.
Then we have two more files, the blockfacebook.service and the blockfacebookrestart for the cron service. The first one guarantees that the blocking script will be executed every time you reboot. The cron script placed in /etc/cron.daily/ guarantees that the blocking script is executed at least once per day to catch IPs that Facebook may have added to it's IP-block during the day.
How to block TikTok
TikTok has now trackers in many many sites. This is reason to block it as well. Edit the blockfacebook script, and create inside it a copy of its main command changing the Facebook AS number to TikTok's AS number which is AS138699.How to block Twitter
Same goes for Twitter. It's AS number is: AS13414.This does not work for all companies.
Small companies do not have their own AS number necessarily. Many rent IP blocks from larger companies, so if you block all the IPs associated with the AS number you will block more than the target company. But Facebook and other large companies have their own AS number. So their strength becomes their Achilles' heel and it is turned against them with the above method.
So if you want to block a small company first check that they own the AS number. You can check this from the output of
whois -h whois.radb.net IP-numberas above.
A. Tsolomitis
Created Dec 6, 2022.