When a SNAT rule is created and RED is selected as destination network, some other connections get translated as well (for example OpenVPN connections). This is unexpected behaviour and should be changed in that way that only connections that are actually routed through the RED interface will be translated. See for reference: http://forum.ipfire.org/viewtopic.php?f=22&t=15319
Please check this patch. Matthias already tested the new rules.pl successfully, his problem is solved now. http://patchwork.ipfire.org/patch/168/
Thx Alexander for the work! As you said, everything is working fine now. Regards Matthias