http://whois.domaintools.com/126.96.36.199 (Universal Communications, Reallocated to Detel Wireless, LLC) This doesn't look Facebook to me.
http://whois.domaintools.com/188.8.131.52 (this is directly assigned to Facebook, Inc CIDR range confirmed of 184.108.40.206/20) Translate this range in decimal form to 220.127.116.11 - 18.104.22.168
Which means the third block you've placed (22.214.171.124/32), with a /32 mask is not only never going to matter because it's matching a singular invalid IP, but it's also apart of the greater range you've already blocked. Rule, is redundant and incorrect.
The fourth rule is also false, however it is indeed a range registered to Facebook, Inc. The CIDR is 126.96.36.199/20, this encompasses 188.8.131.52-184.108.40.206. Your rule is invalid and in need of correction.
Yet another CIDR block registered to Facebook, inc. The CIDR you've used is invalid, the registered range is 220.127.116.11/19, decimal range 18.104.22.168 - 22.214.171.124. Your rule is close, but blocking things that may not be Facebook related.
Don't go throwing stuff into the firewall without doing the proper homework. Otherwise you're simply signing up for an unhappy customer when you break random things online.
- Untangle NG Firewall
- Untangle IC Control
- Help Me Decide