MAC address has link validity only. If you are trying to block some MAC from the wan and your server is in the lan it won't work. For that you'll need IP address.
Also src '*' and dst '*' doesn't look very elegant, you'd better make it more specific.
The problem is option dest '*'. As soon as any dest is specfied, the firewall will create a forward rule. But in order to prevent access to uhttpd you need an input rule.
Now if I try to set an IP in 192.168.20.0/24 on device mac I cannot reach the webserver.
Is it correct?
Is it possible to do the opposite? Allow only this device with this MAC to reach the WebServer and all other device with a different MAC are not allowed?
What if I want to allow only this device 00:0U:5B:PO:CB:RT to reach the WebServer and block all the others device(MAC address)?
Is it possibile to provide also a list i.e. allow devices that MAC starts with 00:0U:5B:* ?
Change the option target to ACCEPT for this mac and below make another rule to REJECT dest_port 80 from lan.
I don't think you can use wildcard on mac address, you'll have to make a rule for each mac you want to permit.