Instead of blocking these with your dial plan, you should block them with your firewall so that the attack traffic never reaches your VoIP equipment. To get around a dial plan block, all an attacker will need to do is use a valid Caller ID.
If you have port forwarding or DMZ in place, remove it. Port forwarding and DMZ disables your firewall and is a security risk. If your router has an option like "high security" or "strict UDP session control", enable it. If none of these solve the problem, your router is insecure. You can work around the problem by changing your OBi's X_UserAgentPort to a random number between 20000 and 65535, for example, 36941. This won't make you invulnerable, but it will take longer for the attackers to find you. A better solution would be to buy a new (more secure) router.