I'm using the latest git as of today on an Asus RT-N16 using a IPv6 tunnel from Hurricane Electric. I've noticed that the Port Forwarding section for IPv6 seems a bit strange. It insists on me putting in a valid IP address for the "Dest Address". This makes sense for IPv4 which is doing NAT, but for IPv6 this is (or should) really just open these ports through the firewall to anyone behind the router, so a destination address shouldn't be needed. It doesn't let me cheat and put in ::/0 either, as it says that's invalid.
Yeah, much of the code for handling addresses was just redone (to more widely and consistently allow hostnames, and literal ipv4 and ipv6 addresses), and there's some rough edges. I just pushed some changes on my branch that (among other things) ensures the backend code works with CIDR notation, but I haven't looked at the web ui validation yet.
You raise some valid points. The IPv6 validation going on here is using what I originally wrote for checking prefixes, where it made sense to be a bit stricter. Some refinements are still needed.
Ironically: for the IPv4 port forwarding, the ui is currently permissive enough to let you enter a hostname instead of IP — but this will fail, because iptables refuses to do name-to-ip translation for DNAT rules, for understandable reasons.