[Users] Unauthorized Calls - PLEASE HELP!

Hi Everyone, I aparently have something in my openser.cfg that is allowing unauthorized calls to go through to our PSTN gateways. I have included my config below for review. I would appreciate any help understanding how this might be happening. I am currently reviewing the CDRs from my PSTN gateways for clues as well. This is a pretty basic configuration with no NAT involved. Regards, Daryl route { # ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); exit; }; if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); exit; }; if (method=="INVITE" || method=="ACK" || method=="BYE") { setflag(1); }; if (method=="INVITE") { if (is_user_in("From","inactive")) { if (uri =~ "^sip:911@") { xlog("L_NOTICE", "[$Tf] R1: $ci -- Allowing 911 Emergency Call on Inactive User\n" ); } else { sl_send_reply("403", "Forbidden"); xlog("L_NOTICE", "[$Tf] R1: $ci -- User Inactive\n" ); return; }; }; }; # ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method!="REGISTER") { record_route(); }; # ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) { xlog( "L_NOTICE", "[$Tf] RR: $ci -- Loose Route $rm ($rd).\n" ); if (!t_relay()) { sl_reply_error(); }; return; }; # ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri!=myself) { route(1); return; }; if (method=="ACK") { route(1); return; } else if (method=="REGISTER") { route(2); return; } else if (method=="INVITE") { route(3); return; } else if (method=="BYE" || method=="CANCEL") { t_relay(); exit; } lookup("aliases"); if (uri!=myself) { route(1); return; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; }; route(1); } route[1] { # ----------------------------------------------------------------- # Default Message Handler # ----------------------------------------------------------------- t_on_reply("1"); t_on_failure("2"); if (!t_relay()) { sl_reply_error(); }; } route[2] { # ----------------------------------------------------------------- # REGISTER Message Handler # ----------------------------------------------------------------- sl_send_reply("100", "Trying"); if (!www_authorize("","subscriber")) { www_challenge("","0"); exit; }; consume_credentials(); if (!save("location")) { sl_reply_error(); }; } route[3] { # ----------------------------------------------------------------- # INVITE Message Handler # ----------------------------------------------------------------- # Trusted Provider IPs if (!src_ip==x.x.x.x)&&(!src_ip==x.x.x.x)&&(!src_ip==x.x.x.x) { if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; }; consume_credentials(); }; lookup("aliases"); if (uri!=myself) { route(1); return; }; if (uri=~"[@:](192\.168\.|10\.|172\.16)" && !search("^Route:")){ sl_send_reply("479", "We do not forward to private IP addresses"); }; if ((uri =~ "^sip:0@")|| /* Operator Assistance */ (uri =~ "^sip:911@")|| /* 911 Emergency */ (uri =~ "^sip:411@")|| /* Directory Assistance */ (uri =~ "^sip:1[0-9]{10}@")) { /* Domestic PSTN */ route(4); return; }; if (uri=~"^sip:0111[0-9]*@") { # Kill calls to 011+1... (invalid dialing) sl_send_reply("406", "Not Acceptable"); return; } if (uri=~"^sip:011[0-9]*@") { # International PSTN if(!is_user_in("From","gateway1")) { strip(3); # Remove 011 for Gateway2 } route(4); return; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; }; route(1); } route[4] { # ----------------------------------------------------------------- # PSTN Handler # ----------------------------------------------------------------- prefix("+"); # add "+" to Request URI append_hf("P-Asserted-Identity: \"User\"<sip:+1$avp(s:rpid)@x.x.x.x>\r\n"); uac_replace_from("$fn","sip:+$fU@$fd:5060"); if(is_user_in("From","gateway1")) { force_send_socket(x.x.x.x:5060); xlog("L_NOTICE", "[$Tf] Message sent via IP-1\n" ); } else { force_send_socket(x.x.x.x:5060); xlog("L_NOTICE", "[$Tf] Message sent via IP-2\n" ); }; ds_select_domain("1","0"); route(1); } onreply_route[1] { # we are checking here for a progressing return... ie a 180 Ringing or # 183 session progress -- if this occurs we don't care from here on # about failures as a gateway is handling the call... if( status =~ "18[0-9]" ) { xlog( "L_INFO", "[$Tf] ORR: $ci -- SIP-$rs Reset t_on_failure()\n"); t_on_failure("0"); } else { xlog( "L_INFO", "[$Tf] ORR: $ci -- $rs $rr\n" ); } } failure_route[2] { # 408 -- timeout -- typically the end party has not answered # Since we cancel t_on_failure() on a provisional response we should not be # getting a 408 timeout from a gateway at this stage.. it will just "fall through" # If fr_timer expires t_check_status("408") is true, although $rs is <null> if( t_check_status("408") ){ xlog( "L_NOTICE", "[$Tf] FR: $ci -- TIMEOUT for Gateway $rd\n" ); } else { xlog( "L_NOTICE", "[$Tf] FR: $ci -- $rs reason $rr\n" ); } # 403 -- Not a valid number, or possibly no permission to use the gateway if( t_check_status("403") ){ xlog("L_NOTICE", "[$Tf] FR: $ci -- SIP-$rs Forbidden\n" ); return; } # 486 -- User Busy if( t_check_status("486") ){ xlog("L_NOTICE", "[$Tf] FR: $ci -- SIP-$rs Destination Busy\n" ); return; } # 487 -- Request Cancelled (usually in response to a CANCEL transaction) if( t_check_status("487") ){ xlog("L_NOTICE", "[$Tf] FR: $ci -- SIP-$rs Request Cancelled\n" ); return; } # At this stage we try the next gateway, if no next gateway we bail. if( ds_next_domain() ){ t_on_reply("1"); t_on_failure("2"); xlog( "L_NOTICE", "[$Tf] FR: $ci Next gateway $fU -> $tU via $rd\n" ); if( !t_relay() ){ xlog( "L_WARN", "[$Tf] FR: $ci -- ERROR - Can not t_relay()\n" ); return; } return; } else { xlog( "L_WARN", "[$Tf] FR: $ci No more gateways -> 503.\n" ); t_reply("503", "Service unavailable -- no more gateways" ); return; } }