The problem is that I receive traps from hundreds of subnets that need to be forwarded to our noc and they are always adding new subnets, so the catch-all was an attempt to not have to worry about missing traps to the noc when new subnets are turned up.
Select subnets within those hundreds of subnets have to also forward to a second destination IP.
This is what i have in place as of this morning, the first rule is sending all traps received to the noc. I added the second rule which stops traps from being sent to the noc, but does forward to the second destination, which is good, but I still need that to go to the noc as well.
rule family="ipv6" source address="::/0" forward-port port="162" protocol="udp" to-addr="2001::1:2:3:X:X:X:X" <-- this is the catch all to the noc
rule family="ipv6" source address="2001:x:x:x:x:209::" forward-port port="162" protocol="udp" to-addr="2001:4:5:6:X:X:X:X" <-- send to the second destination, but stops from sending to the noc