I think he means 'can I only allow hosts with known MAC adresses', which isn't really MAC Address authentication, but can be done. (Quite easily, but a bit painfully if your list of allowed MAC addresses keeps changing.)
The trouble is he is probably using SuSE firewall 2 and that, or more exactly YAST's configuration of that, probably doesn't easily allow this (could be wrong here...I've never thought of trying anything this hard core with it).
So, if that is what you want (whitelisting of MAC Addresses), it seems to me that you have some alternatives:
i) hack the underlying scripts and hope YAST doesn't 'notice'. My guess is that YAST will notice and replace your hacked version with its 'clean' version. The extremist will then get his or her own back on YAST by using iptable-save and iptables-restore from a script that executes on boot _after_ YAST has done its business... Fun, but ugly.
ii) Ignore YAST, and go direct to the metal with Iptables. After all, YAST and the SuSE scripts are only trying to make things easier for you (and failing in this case). You could even let Yast run once, capture its iptables set-up with iptables-save, disable the SuSE firewall and hack what you've got from yast, running iptables-restore on every boot.
iii) Find some other firewall config tool that is more co-operative. Given that most of them are targetted at being 'easy config tools for iptables' whether you'll find one that is 'hard' enough to do this is unknown to me, but if you think that its worth it, don't let me put you off.
So, I think the answer is 'Yes, you can' or at least 'Yes, someone could', but whether, and maybe why, you want to is a mystery to me.