I’ve set up a DMZ network.

Please take a look at the table under the firewall rules:

It clearly shows that ORANGE is ALLOWED to access the internet.
However, this doesn’t work. I can’t ping any server on the internet.

It works after I created the rule manually.

Is this a visual bug, or have I done something wrong?

Note Default policy
Your DMZ has no DNS server!
You can give it a DNS like or or you must have a firewall rule to allow IPFire DNS.

Ahhh thank you for the hint.
Okay that explains a lot. :smiley:

I’ve set the IPFire’s IP as DNS server on the device inside the DMZ.

But if the IPFire DNS is forbidden by default, why does it work with the above rule?
It still shouldn’t have DNS with this rule.

Since DNS from IPFire is forbidden by default, is it a bad idea to allow it for devices inside the DMZ?

Not sure. But DNS is not blocked everywhere on Orange, just to the firewall itself.
So when your server in orange asks for DNS it gets no response.
So it can’t resolve any DNS requests.