Traffic Shaper / Normalization Question

[Animosity]

What's the proper way to make a normalization rule to flag all my traffic for one particular host?

I've tried a few things with setting it via normalization rules but when I tcpdump, I don't see all packets being marked.

I tried to use Out with the private IP Source.
I tried to use Any with the private IP Source.
I tried using In with the private IP as the destination.

I'm sure I'm missing something silly as my goal is to mark all packets from a private LAN IP with a specific DSCP flag so I can use that later on the shaper rules to shape that LAN IP.

If there is a better way to do it, that would be great as well.

[Animosity]

There's not a single person that has a use case to traffic shape an internal IP out?

In Pfsense, you do this by tagging LAN traffic and making a floating rule that captures the tag.

I'm just trying to see how this is replicated on OPNSense.

[mimugmail]

If I'm not mistaken the shaper picks the packet before the handling of pf. You need to mark DSCP packet at the switch, which is the usual behavior network wide.

[Animosity]

So what I ended up doing to solve the problem was more akin to comment on where the shaper lives in the flow of the packets.

In pfSense, you can't see LAN IPs going through the floating rules on the WAN.

In the Shaper in OPNSense, you can see LAN IPs so just I made my in/out rules matching the proper LAN IP I was to reduce/shape going in/out and can validate the GUI they match so I didn't use any of the normalization items as that wasn't working despite being in the GUI area to mark packets so if you can't mark them, it probably shouldn't 'appear' to work / be configurable but it is.

Needless to say, I met my solution for my initial question by using the LAN IPs which was much easier and works well.