diff --git a/extensions/xt_psd.c b/extensions/xt_psd.c
index 62b7991..b038f48 100644
--- a/extensions/xt_psd.c
+++ b/extensions/xt_psd.c
@@ -130,6 +130,12 @@ xt_psd_match(const struct sk_buff *pskb, struct xt_action_param *match)
 	/* Get the source address, source & destination ports, and TCP flags */
 
 	addr.s_addr = iph->saddr;
+	/* We're using IP address 0.0.0.0 for a special purpose here, so don't let
+	 * them spoof us. [DHCP needs this feature - HW] */
+	if (addr.s_addr == 0) {
+		pr_debug("spoofed source address (0.0.0.0)\n");
+		return false;
+	}
 
 	if (proto == IPPROTO_TCP) {
 		tcph = skb_header_pointer(pskb, match->thoff,
@@ -154,13 +160,6 @@ xt_psd_match(const struct sk_buff *pskb, struct xt_action_param *match)
 		return false;
 	}
 
-	/* We're using IP address 0.0.0.0 for a special purpose here, so don't let
-	 * them spoof us. [DHCP needs this feature - HW] */
-	if (addr.s_addr == 0) {
-		pr_debug("spoofed source address (0.0.0.0)\n");
-		return false;
-	}
-
 	/* Use jiffies here not to depend on someone setting the time while we're
 	 * running; we need to be careful with possible return value overflows. */
 	now = jiffies;