Hi there, and welcome!
I'm not aware of a way for iptables to detect MAC spoofing. You can do some filtering based on MAC addresses, so you could create rules to allow only known MACs, or only allow specific IP/MAC combinations. That won't stop someone from cloning both the MAC and IP of another device, though, and there is no way for iptables to detect that.
If you want to detect MAC spoofing, you most likely need to profile the machines you're connecting to at a higher level, by looking at things like what OS a device is running, which user is connecting from there, at what times it is connecting, etc. Analysing this data might help you find spoofed addresses, which you can then try and block.
You might also want to consider using a static ARP table - see
https://www.linuxquestions.org/quest...-rules-382174/.
The Linux kernel rp_filter settings might also add a degree of protection - see
http://www.slashroot.in/linux-kernel...path-filtering.
Lastly, depending on your setup, you might also want to look at "ebtables".
I hope this helps.
Regards,
Clifford