Description of problem:
The clean-traffic-gateway filter is expected to block any traffic between two VMs. Although unicast traffic is blocked, ARP traffic is not! After a ping attempt between two blocked VMs, their ARP tables will include each other's MAC.

Version-Release number of selected component (if applicable):
4.3.0-0.0.master.20181116185756.gite19db6e.el7

How reproducible:
100%

Steps to Reproduce:
1. Start two VMs
2. Run 'route -n' and then 'arp -an' to see their gateway MAC address
3. Add new vNIC profile
4. Choose: Network='ovirtmgmt', Network Filter='clean-traffic-gateway'
5. At both VMs:
   Go to Compute | Virtual Machines | Click the VM name | Network Interfaces tab | edit the NIC
   Change their profile to the newly created profile from section #3 above
   Add Network Filter Parameter GATEWAY_MAC=[GW MAC from section #2 above]
6. Run ping from VM-1 to VM-2
7. Run 'arp -an' at both VMs

Actual results:
1. Ping is not replying
2. ARP table includes each other VM's MAC address

Expected results:
1. Ping is not replying
2. ARP table at both VMs should include only the Gateway MAC address

Additional info:

Thanks for filing this bug, but we are unlikely to address it.