So as a new be to IPFire setting up a port forward rule to a webserver or a mail server on the orange port would look like this,
source would be red / destination would be orange
or to lock it down more you would use,
source red ip address port 80/443 to the orange ip address port 80/443 of the server. Same for mail server.
But having a router in front of the IPFire box you would also need to forward ports in that as well. So would you forward all ports as well or would you lock it down to just the ports you need. should you change the ports for the destination having the webserver or email server use different ports to listen on?