Re: One address, address group, or Internet service is required error when Setting up MAC
What you left out is what version you're running. Based on the error you're getting, I assume you are running something prior to 6.2 (i.e. 6.0.x, 5.6.x, etc).
Prior to 6.2, a MAC-based policy uses AND logic with the source address(es) and the source MAC address(es) you specify. So when you add the subnet, you're saying IF the source IP matches AND the source MAC address matches, then this is applicable.
It's not opening it up to the entire subnet....that would only happen if you REMOVED the MAC address(es) from the source definition in the policy.
Feel free to test it out and prove it for yourself (try using a different MAC address to match that policy).