Call Forward Security


I have just realised that anyone can forward any phone anywhere.

For example, someone dials *72 for an Unconditional forward. The first thing they are prompted for is an extension number. This can be anyones, they can then set the forward to anywhere!

I am trying to lock this down and using the below. It goes through the stages but does not set the forward, can anyone spot what I’m doing wrong?

All I want them to do is dial *72 and for the system to recognise their callerid. It only needs to prompt them with where they want their phone forwarded to.

exten => s,1,Answer
exten => s,n,Wait(1)
exten => s,n,Playback(call-fwd-unconditional)
exten => s,n,Wait(1)
exten => s,n(startread),Playback(ent-target-attendant)
exten => s,n,Read(toext,then-press-pound,)
exten => s,n,GotoIf($[“foo${toext}”=“foo”]?startread)
exten => s,n,Wait(1)
exten => s,n,Set(DB(CFIM/${CALLERID(number)}=${toext})
exten => s,n,Playback(call-fwd-unconditional&for&extension)
exten => s,n,SayDigits(${CALLERID(number)})
exten => s,n,Playback(is-set-to)
exten => s,n,SayDigits(${toext})
exten => s,n,Macro(hangupcall,)


Instead of using the variable ${CALLERID(number)} try using ${AMPUSER}

Hi there

I got it working. I had missed out a ) in the DB line:

exten => s,n,Set(DB(CF/${AMPUSER})=${toext})

However during all my faffing I have the following entry that I cannot delete (when I run database show cf)

/CF/ :
1 results found.

Can anyone advise on how to get rid of this ‘bad value’ entry.