6 files changed, 171 insertions, 182 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index dfdf08f..9151da4 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -210,6 +210,7 @@ cloned_interfaces=""		# List of cloned network interfaces to create.
 ifconfig_lo0="inet 127.0.0.1"	# default loopback device configuration.
 #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry.
 #ifconfig_ed0_ipx="ipx 0x00010010"	# Sample IPX address family entry.
+#ifconfig_ed0_ipv6="RTADV" 	# Sample IPv6 entry for RA/rtsol(8)
 #ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" # Sample IPv6 addr entry
 #ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" # Sample IPv6 alias
 #ifconfig_fxp0_name="net0"	# Change interface name from fxp0 to net0.
@@ -439,8 +440,9 @@ rfcomm_pppd_server_two_channel="3"	# Override local channel for 'two'
 icmp_bmcastecho="NO"	# respond to broadcast ping packets
 
 ### IPv6 options: ###
-ipv6_network_interfaces="none"	# List of IPv6 network interfaces
-				# (or "auto" or "none").
+ipv6_network_interfaces="AUTO"	# List of IPv6 network interfaces
+ipv6_prefer="YES" 		# Use IPv6 when both IPv4 and IPv6 can be used
+ipv6_privacy="NO" 		# Use privacy addresses with RTADV (RFC 4193)
 ipv6_defaultrouter="NO"		# Set to IPv6 default gateway (or NO).
 #ipv6_defaultrouter="2002:c058:6301::"	# Use this for 6to4 (RFC 3068)
 ipv6_static_routes=""		# Set to static route list (or leave empty).
@@ -499,7 +501,6 @@ ipv6_ipfilter_rules="/etc/ipf6.rules"	# rules definition file for ipfilter,
 					# for examples
 ip6addrctl_enable="YES"	# Set to YES to enable default address selection
 ip6addrctl_verbose="NO"	# Set to YES to enable verbose configuration messages
-ipv6_prefer="NO"	# Use IPv6 when both IPv4 and IPv6 can be used
 
 ##############################################################
 ###  System console options  #################################
diff --git a/etc/network.subr b/etc/network.subr
index fbf3ff9..52c99db 100644
--- a/etc/network.subr
+++ b/etc/network.subr
@@ -96,44 +96,32 @@ ifconfig_up()
 	# inet6 specific
 	if afexists inet6; then
 		if ipv6if $1; then
-			if checkyesno ipv6_gateway_enable; then
-				_ipv6_opts="-accept_rtadv"
-			fi
-		else
-			if checkyesno ipv6_prefer; then
-				_ipv6_opts="-ifdisabled"
-			else
-				_ipv6_opts="ifdisabled"
+			# Implicitly handles ipv6_gateway_enable
+			_ipv6_opts='-ifdisabled -accept_rtadv'
+
+			if ipv6_autoconfif $1; then
+				_ipv6_opts='-ifdisabled accept_rtadv'
 			fi
 
-			# backward compatibility: $ipv6_enable
-			case $ipv6_enable in
-			[Yy][Ee][Ss])
-				_ipv6_opts="${_ipv6_opts} accept_rtadv"
-				;;
-			esac
-		fi
+			ifconfig $1 inet6 $_ipv6_opts
 
-		if [ -n "${_ipv6_opts}" ]; then
-			ifconfig $1 inet6 ${_ipv6_opts}
-		fi
+			# ifconfig_IF_ipv6
+			ifconfig_args=`ifconfig_getargs $1 ipv6`
 
-		# ifconfig_IF_ipv6
-		ifconfig_args=`ifconfig_getargs $1 ipv6`
-		if [ -n "${ifconfig_args}" ]; then
-			ifconfig $1 inet6 -ifdisabled
-			ifconfig $1 ${ifconfig_args}
-			_cfg=0
-		fi
+			if [ -n "$ifconfig_args" ]; then
+				ifconfig $1 $ifconfig_args
+				_cfg=0
+			fi
+		else
+		# Remove in FreeBSD 10.x
+		# Explicit test is necessary here to avoid nonexistence error
+			case "$ipv6_enable" in
+			[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+			warn "Interface $1 will NOT be configured for IPv6"
+				;;
+			esac
 
-		# backward compatiblity: $ipv6_ifconfig_IF
-		ifconfig_args=`get_if_var $1 ipv6_ifconfig_IF`
-		if [ -n "${ifconfig_args}" ]; then
-			warn "\$ipv6_ifconfig_$1 is obsolete." \
-			    "  Use ifconfig_$1_ipv6 instead."
-			ifconfig $1 inet6 -ifdisabled
-			ifconfig $1 inet6 ${ifconfig_args}
-			_cfg=0
+			ifconfig $1 inet6 ifdisabled
 		fi
 	fi
 
@@ -194,7 +182,7 @@ ifconfig_down()
 #	$default if given.
 get_if_var()
 {
-	local _if _punct _var _default prefix suffix
+	local _if _punct _punct_c _var _default prefix suffix
 
 	if [ $# -ne 2 -a $# -ne 3 ]; then
 		err 3 'USAGE: get_if_var name var [default]'
@@ -219,7 +207,7 @@ get_if_var()
 #	outside this file.
 _ifconfig_getargs()
 {
-	local _ifn _af
+	local _ifn _af value
 	_ifn=$1
 	_af=${2+_$2}
 
@@ -227,7 +215,18 @@ _ifconfig_getargs()
 		return 1
 	fi
 
-	get_if_var $_ifn ifconfig_IF$_af "$ifconfig_DEFAULT"
+	value=`get_if_var $_ifn ifconfig_IF$_af "$ifconfig_DEFAULT"`
+
+	# Remove in FreeBSD 10.x
+	if [ "$_af" = _ipv6 -a -z "$value" ]; then
+		value=`get_if_var $_ifn ipv6_ifconfig_IF "$ifconfig_DEFAULT"`
+		if [ -n "$value" ]; then
+			warn "\$ipv6_ifconfig_$1 is obsolete." \
+			"  Use ifconfig_$1_ipv6 instead."
+		fi
+	fi
+
+	echo $value
 }
 
 # ifconfig_getargs if [af]
@@ -249,6 +248,8 @@ ifconfig_getargs()
 		[Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;;
 		[Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;;
 		[Ww][Pp][Aa]) ;;
+		[Rr][Tt][Aa][Dd][Vv]) ;;
+		[Nn][Oo][Rr][Tt][Aa][Dd][Vv]) ;;
 		*)
 			_args="$_args $_arg"
 			;;
@@ -372,77 +373,45 @@ afexists()
 	esac
 }
 
-# noafif if
-#	Returns 0 if the interface has no af configuration and 1 otherwise.
-noafif()
-{
-	local _if
-	_if=$1
-
-	case $_if in
-	pflog[0-9]*|\
-	pfsync[0-9]*|\
-	an[0-9]*|\
-	ath[0-9]*|\
-	ipw[0-9]*|\
-	iwi[0-9]*|\
-	iwn[0-9]*|\
-	ral[0-9]*|\
-	wi[0-9]*|\
-	wl[0-9]*|\
-	wpi[0-9]*)
-		return 0
-		;;
-	esac
-
-	return 1
-}
-
 # ipv6if if
 #	Returns 0 if the interface should be configured for IPv6 and
 #	1 otherwise.
 ipv6if()
 {
-	local _if _tmpargs i
-	_if=$1
-
 	if ! afexists inet6; then
 		return 1
 	fi
 
 	# lo0 is always IPv6-enabled
-	case $_if in
+	case $1 in
 	lo0)
 		return 0
 		;;
 	esac
 
-	# True if $ifconfig_IF_ipv6 is defined.
-	_tmpargs=`_ifconfig_getargs $_if ipv6`
-	if [ -n "${_tmpargs}" ]; then
-		return 0
-	fi
-
-	# backward compatibility: True if $ipv6_ifconfig_IF is defined.
-	_tmpargs=`get_if_var $_if ipv6_ifconfig_IF`
-	if [ -n "${_tmpargs}" ]; then
-		return 0
-	fi
+	local _if _tmpargs i
+	_if=$1
 
-	case "${ipv6_network_interfaces}" in
-	[Aa][Uu][Tt][Oo])
-		return 0
-		;;
+	case "$ipv6_network_interfaces" in
 	''|[Nn][Oo][Nn][Ee])
 		return 1
 		;;
+	$_if|"$_if "*|*" $_if"|*" $_if "*|[Aa][Uu][Tt][Oo])
+		# True if $ifconfig_IF_ipv6 is defined.
+		_tmpargs=`_ifconfig_getargs $_if ipv6`
+		;;
 	esac
 
-	for i in ${ipv6_network_interfaces}; do
-		if [ "$i" = "$_if" ]; then
-			return 0
-		fi
-	done
+	if [ -n "$_tmpargs" ]; then
+		# Remove in FreeBSD 10.x
+		# Explicit test is necessary here to avoid nonexistence error
+		case "$ipv6_enable" in
+		[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
+			;;
+		*)	return 0
+			;;
+		esac
+	fi
 
 	return 1
 }
@@ -452,15 +421,24 @@ ipv6if()
 #	Stateless Address Configuration, 1 otherwise.
 ipv6_autoconfif()
 {
+	case $1 in
+	lo0|\
+	stf[0-9]*|\
+	faith[0-9]*|\
+	lp[0-9]*|\
+	sl[0-9]*|\
+	pflog[0-9]*|\
+	pfsync[0-9]*)
+		return 1
+		;;
+	esac
+
 	local _if _tmpargs _arg
 	_if=$1
 
 	if ! ipv6if $_if; then
 		return 1
 	fi
-	if noafif $_if; then
-		return 1
-	fi
 	if checkyesno ipv6_gateway_enable; then
 		return 1
 	fi
@@ -468,45 +446,24 @@ ipv6_autoconfif()
 	if [ -n "${_tmpargs}" ]; then
 		return 1
 	fi
+	if ! is_wired_interface $_if; then
+		case $_if in
+		wlan[0-9]*)	;;	# Allow test to continue
+		*)	return 1
+			;;
+		esac
+	fi
 
-	case $_if in
-	lo0|\
-	stf[0-9]*|\
-	faith[0-9]*|\
-	lp[0-9]*|\
-	sl[0-9]*|\
-	pflog[0-9]*|\
-	pfsync[0-9]*)
+	_tmpargs=`_ifconfig_getargs $_if ipv6`
+	case "$_tmpargs" in
+	*inet6\ *|*[Nn][Oo][Rr][Tt][Aa][Dd][Vv]*|*-accept_rtadv*)
 		return 1
 		;;
-	esac
-
-	# backward compatibility: $ipv6_enable
-	case $ipv6_enable in
-	[Yy][Ee][Ss])
+	*[Rr][Tt][Aa][Dd][Vv]*|*accept_rtadv*)
 		return 0
 		;;
 	esac
 
-	_tmpargs=`_ifconfig_getargs $_if ipv6`
-	for _arg in $_tmpargs; do
-		case $_arg in
-		accept_rtadv)
-			return 0
-			;;
-		esac
-	done
-
-	# backward compatibility: $ipv6_ifconfig_IF
-	_tmpargs=`get_if_var $_if ipv6_ifconfig_IF`
-	for _arg in $_tmpargs; do
-		case $_arg in
-		accept_rtadv)
-			return 0
-			;;
-		esac
-	done
-
 	return 1
 }
 
diff --git a/etc/rc.d/ip6addrctl b/etc/rc.d/ip6addrctl
index d3b1856..3963b07 100755
--- a/etc/rc.d/ip6addrctl
+++ b/etc/rc.d/ip6addrctl
@@ -20,8 +20,6 @@ status_cmd="ip6addrctl"
 prefer_ipv6_cmd="ip6addrctl_prefer_ipv6"
 prefer_ipv4_cmd="ip6addrctl_prefer_ipv4"
 
-set_rcvar_obsolete ipv6_enable ipv6_prefer
-
 ip6addrctl_prefer_ipv6()
 {
 	afexists inet6 || return 0
diff --git a/etc/rc.d/netif b/etc/rc.d/netif
index f982cfc..06b8e76 100755
--- a/etc/rc.d/netif
+++ b/etc/rc.d/netif
@@ -34,6 +34,7 @@
 . /etc/network.subr
 
 name="network"
+start_precmd="network_prestart"
 start_cmd="network_start"
 stop_cmd="network_stop"
 cloneup_cmd="clone_up"
@@ -41,7 +42,13 @@ clonedown_cmd="clone_down"
 extra_commands="cloneup clonedown"
 cmdifn=
 
-set_rcvar_obsolete ipv6_enable ipv6_prefer
+network_prestart()
+{
+	if [ -n "$ipv6_enable" ]; then
+		warn 'The ipv6_enable option is deprecated.'
+		warn 'See rc.conf(5) for information on disabling IPv6.'
+	fi
+}
 
 network_start()
 {
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index 4631304..433ce82 100755
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -99,6 +99,13 @@ netoptions_inet6()
 	else
 		${SYSCTL_W} net.inet6.ip6.v6only=1 >/dev/null
 	fi
+
+	if checkyesno ipv6_privacy; then
+		netoptions_init
+		echo -n " IPv6 Privacy Addresses"
+		${SYSCTL_W} net.inet6.ip6.use_tempaddr=1 >/dev/null
+		${SYSCTL_W} net.inet6.ip6.prefer_tempaddr=1 >/dev/null
+	fi
 }
 
 load_rc_config $name
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index ec3f292..59e338b 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 05, 2010
+.Dd April 8, 2010
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -1292,79 +1292,98 @@ It is also possible to rename an interface by doing:
 ifconfig_ed0_name="net0"
 ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00"
 .Ed
+.\" Remove in FreeBSD 10.x
 .It Va ipv6_enable
 .Pq Vt bool
-If the variable is
-.Dq Li YES ,
-.Dq Li inet6 accept_rtadv
-is added to all of
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
-and the
-.Va ipv6_prefer
-is defined as
-.Dq Li YES .
 .Pp
-This variable is deprecated.  Use
-.Va ipv6_prefer
-and
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 .
-.It Va ipv6_prefer
-.Pq Vt bool
-This variable does the following:
+This option is deprecated.
 .Pp
 If the variable is
-.Dq Li YES ,
-the default policy of the source address selection set by
-.Xr ip6addrctl 8
-will be IPv6-preferred.
+.Dq Li YES
+it has no effect.
+To configure IPv6 for an interface see
+.Va ipv6_network_interfaces
+below.
 .Pp
 If the variable is
-.Dq Li NO ,
-the default policy of the source address selection set by
-.Xr ip6addrctl 8
-will be IPv4-preferred, and all of interfaces which does not have the
-corrsponding
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
-variable will be marked as
-.Dq Li IFDISABLED .
-This means only IPv6 functionality on that interface is completely
-disabled.  For more details of
-.Dq Li IFDISABLED
-flag and keywords
-.Dq Li inet6 ifdisabled ,
-see
-.Xr ifconfig 8 .
-.Pp
+.Dq Li NO
+then other than
+.Dq Li lo0
+IPv6 will be disabled for each interface,
+however the same effect can be achieved by
+not configuring the interface.
 .It Va ipv6_network_interfaces
 .Pq Vt str
 This is the IPv6 equivalent of
 .Va network_interfaces .
-Normally manual configuration of this variable is not needed.
+Normally configuration of this variable is not needed,
+the value should be left as
+.Dq Li AUTO .
+.Pp
+If
+.Dq Li INET6
+is configured in the kernel configuration for the
+.Dq Li lo0
+interface will always be performed.
+It is not necessary to list it in
+.Va ipv6_network_interfaces .
+.Pp
+Example configuration to accept Router Advertisements (RA) for the
+.Dq Li ed0
+interface:
+.Bd -literal
+ifconfig_ed0_ipv6="RTADV"
+.Ed
+.Pp
+To disable RA the
+.Dq Li NORTADV
+option is available, although not required if manual
+configuration is performed as described below.
+.Pp
+An IPv6 interface can be configured manually with
+.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 .
+For example:
+.Bd -literal
+ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64"
+.Ed
+.Pp
+Manual configuration of an IPv6 address will also
+require configuration of the
+.Va ipv6_defaultrouter
+option.
 .Pp
-IPv6 functionality on an interface should be configured by
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 ,
-instead of setting ifconfig parameters in
-.Va ifconfig_ Ns Aq Ar interface .
 Aliases should be set by
 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
-with
+with the
 .Dq Li inet6
-keyword.  For example:
+keyword.
+For example:
+.Pp
 .Bd -literal
-ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64"
 ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64"
 .Ed
 .Pp
-Interfaces that have an
-.Dq Li inet6 accept_rtadv
-keyword in
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
-setting will be automatically configured by
-.Xr rtsol 8 .
-Note that this automatic configuration is disabled if the
-.Va ipv6_gateway_enable
-is set to
-.Dq Li YES .
+.It Va ipv6_prefer
+.Pq Vt bool
+If the variable is
+.Dq Li YES ,
+the default policy of the source address selection set by
+.Xr ip6addrctl 8
+will be IPv6-preferred.
+.Pp
+If the variable is
+.Dq Li NO ,
+the default policy of the source address selection set by
+.Xr ip6addrctl 8
+will be IPv4-preferred.
+.Pp
+.It Va ipv6_privacy
+.Pq Vt bool
+If the variable is
+.Dq Li YES
+privacy addresses will be generated for each IPv6
+interface as described in RFC 4193.
+.Pp
 .It Va ipv6_prefix_ Ns Aq Ar interface
 .Pq Vt str
 If one or more prefixes are defined in