Hello,
here is a new branch that adds MAC source address support to firewalld:
https://github.com/t-woerner/firewalld/commits/source_mac
MAC sources can be used in rich rules and also as source bindings in zones. There is a limitation though with MAC source bindings in zones: Port forwarding and masquerading rules in the zones do not have an effect for the MAC sources.
Please give it a try and report the issues you are running into.
Regards, Thomas
firewalld-users@lists.fedorahosted.org