I have to ask why you want a firewall on it..
If
all it does is file/print serving, it can be considered to be in a trusted network and so long as the unnecessary services on it are all turned off, it can be secure enough.
If someone directs ports from the internet to it, then yes it needs a firewall.
SMB uses udp ports 137&138, and tcp ports 139&445.
Also make sure udp port 53 is open for dns.
A good GUI tool is
Firestarter