~ BugFix! In DHCP chain the reply from the server still isn't handled correctly. It get filtered although it's intended to pass. This is due to the addrtype module and it's dst-type LOCAL filter value. Although the addrtype is considered to be a local address it seem that netfilter filters it anyway. Although other rules with comparison of marked packets work this differs in one aspect. It uses the an inverted mark value via exclamation mark. Anyway the only way fix thios properly for now is to just filter for dhcp client port without any addrtype comparision.
~ Argument order of iptables matters so all mark comparisons in DHCP chain have been move to the first place.