http://whois.domaintools.com/220.127.116.11 (Universal Communications, Reallocated to Detel Wireless, LLC) This doesn't look Facebook to me.
http://whois.domaintools.com/18.104.22.168 (this is directly assigned to Facebook, Inc CIDR range confirmed of 22.214.171.124/20) Translate this range in decimal form to 126.96.36.199 - 188.8.131.52
Which means the third block you've placed (184.108.40.206/32), with a /32 mask is not only never going to matter because it's matching a singular invalid IP, but it's also apart of the greater range you've already blocked. Rule, is redundant and incorrect.
The fourth rule is also false, however it is indeed a range registered to Facebook, Inc. The CIDR is 220.127.116.11/20, this encompasses 18.104.22.168-22.214.171.124. Your rule is invalid and in need of correction.
Yet another CIDR block registered to Facebook, inc. The CIDR you've used is invalid, the registered range is 126.96.36.199/19, decimal range 188.8.131.52 - 184.108.40.206. Your rule is close, but blocking things that may not be Facebook related.
Don't go throwing stuff into the firewall without doing the proper homework. Otherwise you're simply signing up for an unhappy customer when you break random things online.
- NG Firewall
- Solutions by Industry
- Solutions by Issue