Yes, see heading of 3:
- Detailed Recommendations
Also, see all the dialogue of another master heading,which 3.1.
It's title?
3.1. Stateless Filters
(Our firewalls are stateful, correct?)
Certain kinds of IPv6 packets MUST NOT be forwarded
~ (Emphasis Added) RFC6092-3.1
Who make sure it MUST NOT?

i.e.
iptables
andnft
and the stack/modules that interact with them are [should be] RFC-compliant.

The RFC explained the IPv6 network stack.

Confirm, please.
I say that because it's programmed - it's nothing you can change.
Confirm please.
Lastly, master heading of 3.2:
3.2. Connection-Free Filters
Some Internet applications use connection-free transport protocols with no release semantics, e.g., UDP. These protocols pose a special difficulty for stateful packet filters because most of the application state is not carried at the transport level. State records are created when communication is initiated and are abandoned when no further communication is detected after some period of time.
- (TCP and UDP connections have a timeout timer.)
- Also note - There is a concept of Established and Related connections in the firewall
Maybe,more correctly, the Kernel (i.e. sysctrl
).