Is there a way to tag any specific application's traffic with DSCP/ToS

I recently made the switch from windows to linux (Manjaro). To manage traffic I had been using a windows feature that allowed me to specify the name of an application so that its network traffic would be tagged with a specific code (DSCP), my router(pfsense) would then check it and prioritize the traffic accordingly. It's set up with these levels of priority : 1. online games 2. all unclassified traffic (mostly web traffic) 3. steam/origin/windows updates 4. torrents This made it so that me and my brother could be playing online games, with torrents going, and my parents could open a youtube video at any time and the torrents/updates would be throttled down automatically by the router, all throughout we would at worst get 5ms jitter and an extra 10 to 20 ping. When I was thinking about switching to linux it didn't occur to me that replicating this configuration would be a problem, I was expecting this to be native functionality to iptables or some other linux firewall, but as it turns out while the functionality did exist around 2002/2003, it was dropped for being broken and and deemed too much trouble to fix. iptables does allow you to mark traffic by based on the process pid, but this isn't great for me since i need to tag the first packet that the application sends out, due to how pfsense classifies traffic for prioritization. So, over the course of a few weeks, in in trying different search terms before committing to a solution, i have progressed through this options: SElinux/Aparmor - these do far more than I want/need them to systemtap - (kernel debugging tool) i was getting ready to fumble my way into getting a script to make iptables rules while reading pid/process name from some kind of live kernel patch (not ideal) anfd/lpfw - these are firewalls that block everything by default and allow you to setup rules to allow traffic based on the application command name I'm posting this in the hopes that someone has this figured out because if not I will have to start modifying lpfw or andf to suit my needs. TL;DR I want to make it so specific applications get their traffic tagged(ToS/DSCP) based on their command name, so that my router can prioritize them appropriately. Any info on how to replicate this functionality in linux is appreciated.