IPv6 firewall rules are simpler if all you are attempting to do is replicate the side effects of PAT / NAT-P (the specific form of NAT in use by most users) in IPv4.
Rule #1: Is the connection originating from the outside / WAN port (i.e. packet came in via WAN port and isn't in the connection table)? If Yes, drop it.
Rule #2: End firewall rules
That's literally it if all you want is the security that NAT provides. It has even less of an effect than NAT as no re-writing of the packet has to occur (including the band-aids for IPSEC, SIP, FTP, etc) and the connection table is smaller as at least the column of what port the connection got mapped to on the public side is no longer required (on cisco devices its actually 4 columns that disappear).
Side effects of this approach? You still can't connect from outside:
1. Your VoIP phone has to deal with keepalives to be able to receive calls as there is no other way for the VoIP provider to reach the handset, but its no worse than what happens in IPv4 NAT world so no real loss.
2. Peer-to-peer protocols still have to go punching holes like they did with NAT, once again no worse than the current IPv4 world.
What you are mixing up is buggy implementations with something fundamental to the protocol. The pressure to switch to IPv6 is ramping up, and this round I'm pretty sure it will push through. I know at least 3 other ASNs that no longer issue public ip space to residential customers, even normal business links don't always get, those that are unable / unwilling to switch will get charged more to get access to the limited IPv4 space and normal users will get priced out of the conversation, its as simple as that. the registries and IETF have done what they can to make the transition as smooth as possible, from what I've seen they have mainly thrown their hands in the air and are going to leave the market to sort this out.
I've had to justify to both ARIN and LACNIC in the past year for IP space when the registries run out no amount of sad story you go to them with will help. What is also being mixed up here is the technical guys willingness to make this process as problem free as possible to avoid fragmenting the internet which is why formerly unusable chunks of the IPv4 address space were re-classified. There are going to be routers out there that are not going to be aware of the rule change and those parts of the internet will be inaccessible to those re-classified chunks but the alternative is not being able to allocate an address at all.