Author: Thomas Heinz <creatix@hipac.org>
Status: should work :-)

This patch extends the mac match in a way that arbitrary masks can be applied.

Here is an example:
# iptables -A INPUT -m mac --mac-source 12:34:56:78:90:AB --mac-mask FF:FF:70:07:FF:FF -j REJECT

***** WARNING ***** This patch also patch the userspace directory which means that
                    you have to recompile and reinstall the iptables package after that.