Add net.inet6.ip6.source_address_validation

Drop packets arriving from the network that have our source IPv6
address. If maliciously crafted they can create evil effects
like an RST exchange between two of our listening TCP ports.
Such packets just can't be legitimate. Enable the tunable
by default. Long time due for a modern Internet host.

Reviewed by: melifaro, donner, kp
Differential revision: https://reviews.freebsd.org/D32915