here is a new branch that adds MAC source address support to firewalld:
MAC sources can be used in rich rules and also as source bindings in
zones. There is a limitation though with MAC source bindings in zones:
Port forwarding and masquerading rules in the zones do not have an
effect for the MAC sources.
Please give it a try and report the issues you are running into.