Change rules for constructing DHCPv6 ranges.
diff --git a/CHANGELOG b/CHANGELOG
index d001a3d..c0c6661 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -119,6 +119,11 @@
 	    6939 for this to work. It always works for directly
 	    connected clients. Thanks to Vladislav Grishenko
 	    for prompting this feature.
+	    
+	    Remove the rule for constructed DHCP ranges that the local
+	    address must be either the first or last address in the
+	    range. This was originally to avoid SLAAC addresses, but
+	    we now explicitly autoconfig and privacy addresses instead.  
 
 
 version 2.66
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index e313d54..2b1570a 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -652,24 +652,20 @@
 
 .B --dhcp-range=::1,::400,constructor:eth0
 
-will look for addresses of the form <network>::1 or <network>:400 on
+will look for addresses on
 eth0 and then create a range from <network>::1 to <network>::400. If
 the interface is assigned more than one network, then the
 corresponding ranges will be automatically created, and then
 deprecated and finally removed again as the address is deprecated and
 then deleted. The interface name may have a final "*" wildcard. Note
-that just any address on eth0 will not do: the non-prefix part must be
-equal either the start or end address given in the dhcp-range. This is
-to prevent prefixes becoming perpetual if the interface 
-gains a SLAAC address for the prefix when it is advertised by dnsmasq.
+that just any address on eth0 will not do: it must not be an
+autoconfigured or privacy address, or be deprecated.
 
 If a dhcp-range is only being used for stateless DHCP and/or SLAAC,
 then the address can be simply ::
 
 .B --dhcp-range=::,constructor:eth0
 
-This removes the condition above, and will pick up the prefix from any address on eth0 which is NOT 
-autoconfigured, slaac, temporary or deprecated.
 
 There is a variant of the constructor: syntax using the keyword
 .B constructor-noauth.
diff --git a/src/dhcp6.c b/src/dhcp6.c
index ef4c495..c8b1d85 100644
--- a/src/dhcp6.c
+++ b/src/dhcp6.c
@@ -602,6 +602,12 @@
       IN6_IS_ADDR_MULTICAST(local))
     return 1;
 
+  if (!(flags & IFACE_PERMANENT))
+    return 1;
+
+  if (flags & IFACE_DEPRECATED)
+    return 1;
+
   if (!indextoname(daemon->doing_dhcp6 ? daemon->dhcp6fd : daemon->icmp6fd, if_index, ifrn_name))
     return 0;
   
@@ -618,11 +624,7 @@
 	  }
 	
       }
-    else if ((addr6part(local) == addr6part(&template->start6) ||
-	      addr6part(local) == addr6part(&template->end6) ||
-	      (IN6_IS_ADDR_UNSPECIFIED(&template->start6) &&
-	       IFACE_PERMANENT == (flags & (IFACE_PERMANENT | IFACE_DEPRECATED)))) && 
-	     wildcard_match(template->template_interface, ifrn_name))
+    else if (wildcard_match(template->template_interface, ifrn_name))
       {
 	start6 = *local;
 	setaddr6part(&start6, addr6part(&template->start6));