rules: fix device and chain usage for DSCP/MARK targets

rules: fix device and chain usage for DSCP/MARK targets

Currently, fw3 places all DSCP/MARK target rules into the PREROUTING chain,
and accepts but ignores a src device. This behaviour is impractical for
most common applications (e.g. QOS setup), since rules are applied to all
devices and in all directions.

Fix this generally by honouring src/dest device selection and placing the
rules into the appropriate chain of the mangle table. This code is based
on a proof of concept shared by Jo-Philipp Wich <jo@mein.io>.

Fixes: 12a7cf9db1f9 ("Add support for DSCP matches and target")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>