# Block a list of IPs from Facebook using dig, awk



## cybercoke (Oct 26, 2012)

Hi guys, I just want to block a list of IPs from Facebook on ipfw.
To capture the list of IPs I just use this command:


```
dig facebook.com | awk '$1~/facebook.com/ {print $4,$5}' | awk '$1~/A/ {print $2}'
```

It will return something like this:


```
66.220.149.88
66.220.152.16
69.171.234.21
69.171.237.16
69.171.247.21
69.171.239.12
```

In the ruleset of my ipfw I make the following rule:


```
${fwcmd} add set 12 deny log all from any to ${facebook} dst-port 443 setup keep-state
```

But when I restart ipfw it shows me the following error:


```
ipfw: port list: invalid separator <.> in <66.220.149.88>
ipfw: unrecognised option [-1] 66.220.149.88

ipfw: port list: invalid separator <.> in <66.220.149.88>
ipfw: unrecognised option [-1] 66.220.149.88
```

I think that is because it can read the IP set to the format ip-1,ip-2,ip-3....

How do I make ipfw read line by line of this IP list, or how do I manage the output of the command to show me the IPs separated by ","?

Thank you, guys.


----------



## cybercoke (Oct 26, 2012)

I found the solution, guys,

see:


```
dig facebook.com | awk '$1~/facebook.com/ {print $4,$5}' | awk '$1~/A/ {print $2}' | xargs | sed 's/ /,/g'
```

Hope this helps others.

Thank you.


----------



## wblock@ (Oct 26, 2012)

tr(1) can also be used to translate one character to another.

Beyond that, you will find that large Internet services have vast banks of servers that don't necessarily share the expected domain name or IP address.


----------
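Added example, not part of any post in this thread: a stricter variant of the dig/awk pipeline above that keeps only type A records from the ANSWER section, drops duplicates and malformed addresses, and joins the result with commas for the `${facebook}` variable. The function names and the sample dig output (documentation-range addresses) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `dig facebook.com` output (documentation-range
# addresses), so the example runs offline.
sample_dig_output() {
cat <<'EOF'
; <<>> DiG 9.x <<>> facebook.com
;; QUESTION SECTION:
;facebook.com.            IN  A

;; ANSWER SECTION:
facebook.com.       60    IN  CNAME  star.facebook.com.
star.facebook.com.  60    IN  A      192.0.2.10
facebook.com.       60    IN  A      192.0.2.11
facebook.com.       60    IN  A      192.0.2.11
facebook.com.       60    IN  AAAA   2001:db8::1
facebook.com.       60    IN  A      198.51.100.999

;; ADDITIONAL SECTION:
a.ns.facebook.com.  3600  IN  A      203.0.113.53
EOF
}

# Read dig output on stdin and print the A-record addresses as one
# comma-separated line. Matching the type field exactly avoids the loose
# /A/ regex, which also matches AAAA and CNAME; tracking the section keeps
# name-server addresses from the ADDITIONAL section out of the block list.
a_records_csv() {
    awk '
        function valid_ipv4(addr,    n, o, i) {
            n = split(addr, o, ".")
            if (n != 4) return 0
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || (o[i] + 0) > 255) return 0
            return 1
        }
        /^;; / { in_answer = ($0 ~ /^;; ANSWER SECTION:/); next }
        in_answer && $3 == "IN" && $4 == "A" && valid_ipv4($5) && !seen[$5]++ {
            out = out (out == "" ? "" : ",") $5
        }
        END { if (out != "") print out }
    '
}

# Live use would be: facebook=$(dig facebook.com | a_records_csv)
facebook=$(sample_dig_output | a_records_csv)
echo "facebook=\"${facebook}\""
```

As noted in the last reply, one lookup returns only the addresses handed out at that moment, so the list has to be refreshed and will still be incomplete for a large service.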

