<iframe src="http://www.facebook.com/" />
I have not tested, but I suspect Facebook might be using some JavaScript like this to break out of frames:
if (top.location != location) {
top.location.href = document.location.href ;
}
Unfortunately there is nothing you can do about this, except if you were to proxy the entire Facebook site on-the-fly and filter out this JavaScript, which would most likely break other things. Facebook, and many other sites, implement this trick because frames are often used only for malicious purposes (i.e. framing another website with illegitimate ads or scamming).
Edit: I see from your comment that you say this works at the moment. As I explain above, this is really under Facebook's control, unfortunately. If they choose to add the little bit of JavaScript to break out of frames, you can't stop that from running.