Index: sbin/pfctl/parse.y
===================================================================
--- sbin/pfctl/parse.y
+++ sbin/pfctl/parse.y
@@ -456,7 +456,7 @@
 %token RETURNRST RETURNICMP RETURNICMP6 PROTO INET INET6 ALL ANY ICMPTYPE
 %token ICMP6TYPE CODE KEEP MODULATE STATE PORT RDR NAT BINAT ARROW NODF
 %token MINTTL ERROR ALLOWOPTS FASTROUTE FILENAME ROUTETO DUPTO REPLYTO NO LABEL
-%token NOROUTE URPFFAILED FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DROP TABLE
+%token NOROUTE URPFFAILED FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DSCP DROP TABLE
 %token REASSEMBLE FRAGDROP FRAGCROP ANCHOR NATANCHOR RDRANCHOR BINATANCHOR
 %token SET OPTIMIZATION TIMEOUT LIMIT LOGINTERFACE BLOCKPOLICY FAILPOLICY
 %token RANDOMID REQUIREORDER SYNPROXY FINGERPRINTS NOSYNC DEBUG SKIP HOSTID
@@ -2511,6 +2511,14 @@
 filter_opts.marker |= FOM_TOS;
 filter_opts.tos = $2;
 }
+ | DSCP tos {
+ if (filter_opts.marker & FOM_TOS) {
+ yyerror("tos cannot be redefined");
+ YYERROR;
+ }
+ filter_opts.marker |= FOM_TOS;
+ filter_opts.tos = $2;
+ }
 | keep {
 if (filter_opts.marker & FOM_KEEP) {
 yyerror("modulate or keep cannot be redefined");
@@ -5514,6 +5522,7 @@
 { "divert-to", DIVERTTO},
 { "drop", DROP},
 { "drop-ovl", FRAGDROP},
+ { "dscp", DSCP},
 { "dup-to", DUPTO},
 { "fail-policy", FAILPOLICY},
 { "fairq", FAIRQ},
@@ -6344,7 +6353,8 @@
 { "lowdelay", IPTOS_LOWDELAY },
 { "netcontrol", IPTOS_PREC_NETCONTROL },
 { "reliability", IPTOS_RELIABILITY },
- { "throughput", IPTOS_THROUGHPUT }
+ { "throughput", IPTOS_THROUGHPUT },
+ { "va", IPTOS_DSCP_VA }
 };
 const struct keywords *p;
Index: share/man/man5/pf.conf.5
===================================================================
--- share/man/man5/pf.conf.5
+++ share/man/man5/pf.conf.5
@@ -681,6 +681,7 @@
 .Ar reliability ,
 or one of the DiffServ Code Points:
 .Ar ef ,
+.Ar va ,
 .Ar af11 No ... Ar af43 ,
 .Ar cs0 No ... Ar cs7 ;
 or as either hex or decimal.
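Review bot: In the new `| DSCP tos` alternative (parse.y hunk at 2511), a numeric argument goes through the same `tos` nonterminal and is stored unchanged in `filter_opts.tos`, so it appears to be read as a raw TOS-byte value rather than a 6-bit DSCP codepoint. A ruleset author who writes `dscp 46` expecting EF would then get a rule compared against 0x2e that never matches EF-marked traffic, a quiet policy gap in a packet filter; the `tos` production is outside this hunk, so confirm how it treats numbers. Either shift and range-check numeric values given to `dscp`, or state in pf.conf.5 that the number is the full TOS byte. The duplicate-option message should also name the keyword the user typed, e.g. `yyerror("tos/dscp cannot be redefined");`. The enclosing filter-option rule starts and ends outside the hunk.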
@@ -1762,6 +1763,7 @@ .Ar reliability , or one of the DiffServ Code Points: .Ar ef , +.Ar va , .Ar af11 No ... Ar af43 , .Ar cs0 No ... Ar cs7 ; or as either hex or decimal. @@ -1772,6 +1774,11 @@ pass all tos 0x10 pass all tos 16 .Ed +.It Xo Ar dscp Aq Ar string +.No \*(Ba Aq Ar number +.Xc +A synonym for +.Ar tos . .It Ar allow-opts By default, IPv4 packets with IP options or IPv6 packets with routing extension headers are blocked. @@ -2902,6 +2909,7 @@ filteropt-list = filteropt-list filteropt | filteropt filteropt = user | group | flags | icmp-type | icmp6-type | "tos" tos | + "dscp" tos | ( "no" | "keep" | "modulate" | "synproxy" ) "state" [ "(" state-opts ")" ] | "fragment" | "no-df" | "min-ttl" number | "set-tos" tos |