If you are using transparent proxy, you can only filter http port. Move to automatic proxy detect/configuration(WPAD/PAC) to get it working.
Is there any easier way? If this is done, the students computers will use much more time to log-on,
and don't really want to start with upstream proxy etc.
The easiest way (which would also work with the base pfsense install, i.e. no 3rd party packages like squid) would be to define an alias with Facebook's IP ranges in CIDR format (easily found online, or you can create the list yourself using whois etc), and create a block rule for that.
Another easy way would be to "blackhole" facebook.com using pfsense's DNS forwarder to create a DNS override to some "other" IP (this only works as long as people can't manually configure their devices to use a 3rd party DNS - so you may have to block 3rd party DNS servers)
Finally you can do "generic" URL filtering e.g. with squid/squidguard but to catch https would require you to configure them via WPAD/PAC to use your proxy, as explained by others.