I'm trying to set the ToS flag in the IP header for certain traffic using normalization rules. Basically I have a VPN tunnel from a home server (192.168.1.2) connecting to a public VPN server on UDP/443. What I want is for this traffic to be marked with CS1 (background).
I've made a rule like this:
Interface: LAN_1
Proto: UDP
Direction: any
Source: 192.168.1.2:any
Dest: any:443
ToS: CS1
However, the strange thing is that all return traffic gets tos 0x20:
10:40:06.548763 IP (tos 0x20, ttl 58, id 32042, offset 0, flags [DF], proto UDP (17), length 133)
1.2.3.4.443 > 192.168.1.2.57135: UDP, length 105
but all outgoing traffic remains on 0x00:
10:40:06.549125 IP (tos 0x0, ttl 64, id 10416, offset 0, flags [DF], proto UDP (17), length 105)
192.168.1.2.57135 > 1.2.3.4.443: UDP, length 77
These are packets from a simple tcpdump -vni igb1 host 192.168.1.2 and udp port 443 -c 10. I've tried removing the state as well as simply restarting the tunnel several times.
I've also tried making an opposite rule, with srcport 443 dst 192.168.1.2:any, as well as including my WAN interface (pppoe0), but to no avail.
Does anyone know what's going on or how to solve this? Much appreciated!
Edit: when I just create a blanket rule with my LAN interface selected and then everything else set to "any", outgoing traffic is still 0x00 whilst the incoming traffic is 0x20. What am I missing?