Add $ipv6_privacy to support net.inet6.ip6.use_tempaddr. Note that this

will be replaced with a per-IF version later.

Based on:	changes in r206408 by dougb

3 files changed, 15 insertions, 0 deletions

diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index 5ff00fc..b041f15 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -453,6 +453,8 @@ ipv6_static_routes=""		# Set to static route list (or leave empty).
 				#  route toward loopback interface.
 #ipv6_route_xxx="fec0:0000:0000:0006:: -prefixlen 64 ::1"
 ipv6_gateway_enable="NO"	# Set to YES if this host will be a gateway.
+ipv6_privacy="NO"		# Use privacy address on RA-receiving IFs
+				# (RFC 4193)
 
 route6d_enable="NO"		# Set to YES to enable an IPv6 routing daemon.
 route6d_program="/usr/sbin/route6d"	# Name of IPv6 routing daemon.
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index 4631304..433ce82 100755
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -99,6 +99,13 @@ netoptions_inet6()
 	else
 		${SYSCTL_W} net.inet6.ip6.v6only=1 >/dev/null
 	fi
+
+	if checkyesno ipv6_privacy; then
+		netoptions_init
+		echo -n " IPv6 Privacy Addresses"
+		${SYSCTL_W} net.inet6.ip6.use_tempaddr=1 >/dev/null
+		${SYSCTL_W} net.inet6.ip6.prefer_tempaddr=1 >/dev/null
+	fi
 }
 
 load_rc_config $name
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index 2908450..7ad0cab 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -1304,6 +1304,12 @@ flag and keywords
 see
 .Xr ifconfig 8 .
 .Pp
+.It Va ipv6_privacy
+.Pq Vt bool
+If the variable is
+.Dq Li YES
+privacy addresses will be generated for each IPv6
+interface as described in RFC 4193.
 .It Va ipv6_network_interfaces
 .Pq Vt str
 This is the IPv6 equivalent of