The point is how do the guest machine and the host OS communicate? Is the guest sending a stream of packets trough a real network interface, or through a virtual interface created by the host OS?
If you have a HW-NIC available for the Ubuntu guest machine, you will create a bridge device on the IPFire host.
Ok, that makes Sens!
I’ll try to do it tomorrow. And i’m a bit optimistic. 
Here a tutorial and some reading material on everything lib-virt on the console.
The virsh tutorial is exactly what i have searching for!
Thanks
If IPFire is protecting anything of value, you do not want to do this. It will increase the surface of attack and make your network less secure. You need to balance the tradeoff between convenience and security and be mindful of the risk associated to run a virtual machine inside your firewall.
Thats a good Point! Especially for externally reachable services. I’d better not do that. For internal services it doesn’t matter. Whoever would attack me from my home network does not need to challenge the firewall anymore.