I would like to give some remarks about your question:
Unless you use use non-transparant proxy, you will not be able to filter https connections with squid. This will take some configuration on both server and client. Another option is to block all facebook ip-addresses/-blocks in iptables.
I found a solution on the Ubuntu forums:
Now the goal you want to achieve: You say some users ‘abuse’ facebook privileges. How do you find out they do this? And what exactly is the unwanted behaviour?
The behaviour of people (and especially young people) is that when something is restricted, it becomes more appealing to do that restricted action. Most of the times it is far more effective to have a conversation with those that (in this case) abuse facebook.
When talking with them, it should be clear that there is a valid reason not to allow facebook, and that when they do abuse facebook, they will face sanctions. What those sanctions should be is something to think about. But in severe cases it could be a complete ban from the network.
When you start the ‘game’ of cat and mouse with people to block services, they will dig deeper and deeper to go around the blocked sites and/or services. Personally I think this is not the way to go.