I'm assuming the rules I have setup below will tag packets even within the lan network? Do I have to create some additional rules above what I have below to define src:192.168.1.0/24 to dest:192.168.1.0/24? for Destination can I just use something simple like wan? Documentation seems to indicate that I can only use IPs or Network deffinitions?
The reason I'm asking is because I don't want to restrict internal traffic to a CIFS server for example.