If I understand what you are asking:
clients – (green) → IPFire – (red) → PiHole → Internet
PiHole is not the most secure device. The IPFire is much more secure since it is a hardened firewall.
So I would not configure things this way. And I would strongly recommend not to have PiHole connected to red (the Internet).
This is what I have:
Client (DNS) → PiHole (DNS) → IPFire (DNS) → to external DNS Server
See this post:
EDIT:
And this is what I did to connect GREEN and BLUE to PiHole.