I'm looking for a way to block traffic on a given port/vlan based on source MAC address. The switches involved are 2950/2960 and 3750G. I've been using static mac table entries with the drop keyword, but I'd like to be able to filter with wildcards (e.g. block all MAC addresses with a given manufacturer OUI rather than having to manually specify each MAC.)
MAC ACLs would allow matching traffic in such a way, but my understanding is that the 3750G doesn't apply MAC ACLs to IPv4 traffic.
Thoughts?