Not all games use p2p for matches. Fortnite is the easiest example of one that’s not. Hell, games are not even built the same way anymore and what you think is a server is in reality a cluster of AWS services.
You mean without? Well you're wrong. It's not a security concern at all. Allowing anyone from the outside to connect to any port they want is a security concern, simply because there's a lot of insecure software people run that doesn't account for malicious connections. However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.
> However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.
It is. Considering the kernel access often given to multiplayer games for anti cheat, and the abysmal attention to security and ability to write secure code by the average application developer, letting Internet randos send arbitrary instructions directly to your machine may not be the best idea.
If the software is executing "arbitrary instructions" from remote sources, then its a malicious piece of software, or so horribly negligent to amount to the same thing. So I don't agree that direct connections are the problem - the badly written software is the problem.
No, "a user" in my sentence is intended to mean a human. Its very possible to program software to require human approval for connections. Also, if malicious software is already running, then it will be able to make connections to remote servers that it wants, no need for it to passively listen. IPv6 does not make this problem worse.