diff --git a/shell/forbid_samba.sh b/shell/forbid_samba.sh
new file mode 100644
index 0000000..b672685
--- /dev/null
+++ b/shell/forbid_samba.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+iptables -A INPUT -p tcp --destination-port 135 -m iprange --src-range 192.168.0.0-192.168.10.255 -j ACCEPT 
+iptables -A INPUT -p tcp --destination-port 139 -m iprange --src-range 192.168.0.0-192.168.10.255 -j ACCEPT 
+iptables -A INPUT -p tcp --destination-port 445 -m iprange --src-range 192.168.0.0-192.168.10.255 -j ACCEPT 
+iptables -A INPUT -p tcp --destination-port 137 -m iprange --src-range 192.168.0.0-192.168.10.255 -j ACCEPT 
+iptables -A INPUT -p tcp --destination-port 138 -m iprange --src-range 192.168.0.0-192.168.10.255 -j ACCEPT 
+
+
+iptables -A INPUT -p tcp --destination-port 135 -j REJECT 
+iptables -A INPUT -p tcp --destination-port 139 -j REJECT 
+iptables -A INPUT -p tcp --destination-port 445 -j REJECT 
+iptables -A INPUT -p tcp --destination-port 137 -j REJECT 
+iptables -A INPUT -p tcp --destination-port 138 -j REJECT 
+