Index: in_pcb.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.71 diff -u -u -1 -0 -r1.71 in_pcb.c --- in_pcb.c 2000/12/27 03:02:29 1.71 +++ in_pcb.c 2001/01/15 00:11:16 @@ -214,20 +214,21 @@ reuseport = SO_REUSEADDR|SO_REUSEPORT; } else if (sin->sin_addr.s_addr != INADDR_ANY) { sin->sin_port = 0; /* yech... */ if (ifa_ifwithaddr((struct sockaddr *)sin) == 0) return (EADDRNOTAVAIL); } if (lport) { struct inpcb *t; /* GROSS */ + /* Check for port number in the reserved range */ if (ntohs(lport) < IPPORT_RESERVED && p && suser_xxx(0, p, PRISON_ROOT)) return (EACCES); if (p && p->p_prison) prison = 1; if (so->so_cred->cr_uid != 0 && !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { t = in_pcblookup_local(inp->inp_pcbinfo, sin->sin_addr, lport, prison ? 0 : INPLOOKUP_WILDCARD); Index: ip_input.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.149 diff -u -u -1 -0 -r1.149 ip_input.c --- ip_input.c 2000/11/25 07:35:33 1.149 +++ ip_input.c 2001/01/31 11:44:09 @@ -257,20 +257,21 @@ u_short sum; u_int16_t divert_cookie; /* firewall cookie */ #ifdef IPDIVERT u_int32_t divert_info = 0; /* packet divert/tee info */ #endif struct ip_fw_chain *rule = NULL; #ifdef PFIL_HOOKS struct packet_filter_hook *pfh; struct mbuf *m0; int rv; + u_int32_t chkours; #endif /* PFIL_HOOKS */ #ifdef IPDIVERT /* Get and reset firewall cookie */ divert_cookie = ip_divert_cookie; ip_divert_cookie = 0; #else divert_cookie = 0; #endif 
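Review bot: `u_int32_t chkours;` is added between `#ifdef PFIL_HOOKS` and `#endif /* PFIL_HOOKS */`, but the second ip_input.c hunk (`@@ -489,35 +490,32 @@`) assigns and reads `chkours` in code guarded only by `IPFIREWALL_FORWARD` and its `#else`. A kernel configured without PFIL_HOOKS would therefore presumably fail to build with an undeclared identifier. Move the declaration out of the conditional, for example `u_int32_t chkours;	/* address tested for local delivery */` directly after `struct ip_fw_chain *rule = NULL;`. The enclosing function starts and ends outside the hunk, so whether the later use sits inside another PFIL_HOOKS block cannot be confirmed from here.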
@@ -489,35 +490,32 @@ #ifdef BOOTP_COMPAT if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY) goto ours; #endif #ifdef IPFIREWALL_FORWARD /* * If the addr to forward to is one of ours, we pretend to * be the destination for this packet. */ - if (ip_fw_fwd_addr == NULL) { - if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) - goto ours; - } else if (IA_SIN(ia)->sin_addr.s_addr == - ip_fw_fwd_addr->sin_addr.s_addr) - goto ours; + chkours = ip_fw_fwd_addr != NULL ? + ip_fw_fwd_addr->sin_addr.s_addr : ip->ip_dst.s_addr; #else - if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) - goto ours; + chkours = ip->ip_dst.s_addr; #endif + if (IA_SIN(ia)->sin_addr.s_addr == chkours) + goto ours; if (ia->ia_ifp && ia->ia_ifp->if_flags & IFF_BROADCAST) { if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr == - ip->ip_dst.s_addr) + chkours) goto ours; - if (ip->ip_dst.s_addr == ia->ia_netbroadcast.s_addr) + if (ia->ia_netbroadcast.s_addr == chkours) goto ours; } } if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) { struct in_multi *inm; if (ip_mrouter) { /* * If we are acting as a multicast router, all * incoming multicast packets are passed to the * kernel-level multicast forwarding function.
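Review bot: The per-interface address and broadcast comparisons now test `chkours`, while the multicast test right after the loop still reads `ip->ip_dst.s_addr`, so with a forward rule active the local-delivery decision is made on two different addresses. If that split is deliberate, say so at the assignment, e.g. `/* chkours: address (network byte order) tested for local delivery; the forward target when ip_fw_fwd_addr is set, else ip_dst */`. One consequence to confirm: under IPFIREWALL_FORWARD, once `ip_fw_fwd_addr` is set, a packet whose original destination is an interface broadcast address no longer matches the `ia_broadaddr` and `ia_netbroadcast` tests, while a forward target equal to one of those addresses now does. The existing block comment above the `#ifdef` covers only the unicast case. The enclosing loop and function begin and end outside the hunk.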