I don't know why your firewall is rejecting WLAN traffic or why the first 6 octets of the reported "address" are all ones. But the format is just the way netfilter reports things, and TMK always has. I just checked this out on my system: the first 6 octets are the MAC address of the ethernet interface
receiving the packet (i.e. the local MAC address) and the next 6 octets are the MAC address of the ethernet interface
sending the packet. I don't know what the last two octets represent, but on my machine they are 08:00 just like on your machine.
I don't know why the log is reporting your local MAC address as all ones or if this has anything to do with the packets being rejected. But the logged format is the same as on my machine and I just verified that my machine is matching correctly on the 6 octets of the sender's MAC address:
Code:
iptables ... -m mac --mac-source XX:XX:XX:XX:XX:XX ...
(My test was on Ubuntu
edgy with a 2.6.17 kernel.)