The explanation could be loose-tcp-tracking set to yes, which basically switches off the analysis of TCP flags in order to lower the CPU consumption by connection tracking. This item can be set to no under /ip firewall connection tracking. While there is no such section in the /ipv6 firewall configuration tree, I’d expect the settings to be common for both - give it a try.