This looks really impressing: http://www.digitalattackmap.com/
Watch out for any
IN_IPv6_RBL scores in your policyd-weight logs.
If you see regular hits, you probably have to either upgrade your policyd-weight or disable rbl.ipv6world.net manually.
It’s fairly easy to set up an IPv6 tunnel on any (W)LAN-connected notebook 2 hops away from the DSL uplink, see http://tunnelbroker.net for details.
But this will also bypass the router’s firewall leading to public access to the tunnel endpoint and further.