We are implementing SSH restrictions by restricting by MAC address in iptables.
Without the MAC address restrictions, using an app like iSSH, it's easy to access my server on the go to check on it's health or logs. I can add my key to the app so I can log in using key based authentication.
My phone's WiFi has a MAC address I can add.
But do the 3G/4G/LTE adapters have a MAC address?
Otherwise, I believe my only solutions, if I want to access my server on mobile, are to not restrict by MAC address or only access my server on mobile when I'm connected to WiFi.
Of course they have MAC addresses, but that won't help you since you obviously can't block based on them. Remember that MAC addresses are only visible and relevant on the directly connected link.
The answer is yes, and no.
1X/3G/4G interfaces on cellular devices do have a MAC address, but those MACs are dynamically assigned and change on every reboot of the device... this is because MAC addresses only apply to IEEE 802 technologies, of which cellular networks are not.
So yes, cellular networks are dynamically assigned a MAC address on a smartphone when that device is powered on or rebooted, however, these dynamically assigned MACs cannot be used in a firewall (it would literally be pointless to do so).
However, @joeqwerty comment is incorrect: "MAC addresses are locally significant, so you can't block based on the MAC address of a remote device"
While MAC addresses are locally significant, you can, and should, allow or block network connections via the MAC address of a remote device. It is possible, quite easily, to change a MAC address on a device, however it's more secure than blocking IP addresses, and less secure than blocking host names.