Error Messages From ssadm activate
-
Error output directory does not exist output directory
Return code : nonzero
You provided an invalid output directory name with ssadm activate.
-
Too many Time objects being used. Limit is 31.
Return code: 236
The policy being compiled and activated refers to more than 31 distinct time objects.
-
Registry objects redefined
Return code:
An entry in the registry (on disk) has more than one definition. All definitions after the first are lost upon the next save.
-
Screen object not found
Return code: 239
The -S passed to ssadm activate is a nonexistent Screen object.
-
file not found
Return code: 240
The policy to be read did not exist.
-
parse error
Return code: 241
The policy or registry file on disk is corrupt and cannot be read. Be sure you have a backup or a recent version saved.
-
compile error
Return code: 245
No longer used.
-
unresolved references
Return code: 250
A reference is made to a named object in the global registry that does not exist in the registry.
-
Error: Status NAT, but Addresses are different sizes (NAT entry)
Return code : nonzero
-
Error: Original and Translated Source Intersect
Return code : nonzero
-
Error: Original and Translated Destination Addresses Intersect
Return code : nonzero
-
Error: Cannot translate both source and destination addresses
Return code : nonzero
-
Screen object must define smtp address
Return code : nonzero
The Screen object must define the SMTP Address if the SMTP proxy is to be used.
-
Error: Service not defined (remote administration)
Return code : nonzero
The indicated service is needed by the system, but the definition has either been deleted or renamed in the global registry.
-
Error: SunScreen object has no Administrative Certificate Screen name
Return code : nonzero
The Screen object is not fully defined. Remote administration is indicated but the Screen is lacking a Certificate.
-
Error: SKIP and Ethernet filtering not supported
Return code: nonzero
An Ethernet-based Rule is specified (that is, a service that includes the "ether" state engine) and it also indicates SKIP is to be used.
-
Error: More than 16 Interfaces defined for a given type
Return code: nonzero
Only 16 of a given type of interface are supported.
-
Could not find HA Service
Return code: nonzero
HA is indicated but the services "HA administration" and "HA heartbeat" have been either removed or renamed.
-
Error: HA cluster missing HA IP Addresses
Return code: nonzero
The Screen objects participating in the current HA cluster lack HA_IP addresses.
-
Error: HA IP address is not on HA interface
Return code: nonzero
The HA IP address specified is not part of the HA interface.
-
Error: Service incorrectly defined
Return code: nonzero
A service has contradictory information, such as the same port but different state engines, or different parameters.
-
Error: Interfaces intersect
Return code: nonzero
Two (or more) interfaces' addresses intersect.
-
Error: Rule uses Certificate Group with Service containing Reverse Filter rule
Return code: nonzero
The reverse rule swaps the certificates, and groups are not supported in the encrypting case.
-
Error: Rule uses Certificate Group with Service containing Reverse State Engine RULE
Return code: nonzero
The reverse rule swaps the certificates, and groups are not supported in the encrypting case.
-
Error: Service not defined (remote administration)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: Service not defined (snmp traps)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: Service not defined (skip)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: Service not defined (certificate discovery)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: Service not defined (rip)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: Service not defined (dns)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: Service not defined (nis)
Return code: nonzero
The service is needed internally but has been either renamed or deleted.
-
Error: could not generate Rule from Screen: Screen name
Return code: nonzero
-
Error: could not generate Rule to Screen: Screen name
Return code: nonzero
-
Error: Screen name is missing encryption parameters
Return code: nonzero
-
Error: Screen name requires a certificate to administer Screen Screen name
Return code: nonzero
-
Error: Screen name requires a certificate to be administered by Screen Screen name
Return code: nonzero
-
Error: HA Secondary with no Master
Return code: nonzero
HA is indicated, but no primary Screen is specified.
-
Error: Incomplete Screen definition
Return code: nonzero
One of the following is missing given that HA_Secondary is indicated: certificate, key, data, mac, or compression algorithm.
-
Error: HA enabled with no HA Interface defined
Return code: nonzero
-
Error: HA enabled with multiple HA Interface(s) defined
Return code: nonzero
-
Error: HA not enabled but HA Interface(s) defined
Return code: nonzero
-
datacompiler: Error writing data file (fseek failed)
The data compiler could not write the output file owing to a failed fseek.
-
Error: Remote Certificate name1 uses multiple local certificates: name2 and name3
A certificate name1 that is not local to this Screen is used in at least two SKIP_VERSION_1 rules, but the local certificate is not the same. SunScreen supports only using a one local certificate for any given remote certificate in SKIP_VERSION_1 compatibility mode. You must either use skip_version_2 or change one of name2 and name3 to the other.
-
datacompiler: Manual Table too large. Limit is 65535.
There are more than 65535 pairs of certificates for either manual keying or support SKIP_V1 nodes. There is a limit of 65535.
-
datacompiler: Skip_V1 Table too large. Limit is 65535
There are more than 65535 pairs of certificates for either Manual Keying or support SKIP_V1 nodes. There is a limit of 65535.
-
Activation failed, error error code
Return code: 1
-
Active configuration: NAMEActivated by user on date
Return code: 0
-
Warning: Rule type could not be determined and is being discarded Svc addr . . .
A problem determining how to implement the rule occurred and is being discarded.
-
TYPE: name is already defined. Redefined on line <#> in file file
TYPE is address, action, service, state engine. This means that the name is defined multiple times. One of the definitions must be removed. Using the ssadm* command removes the first such definition. To remove the second, and keep the first intact, you must use a text editor on the file on the Screen.
-
Error: name1 is not defined. Used on line # [in file file] by name2
Indicates an unresolved reference, where name2 refers to name1 but name1 is not defined. You need to define name1 or remove the reference by modifying name2.
-
Address name is part of a cycle
A circular reference in an address list definition, such that list A includes list B as a member and list B includes list A as a member. You must break the cycle for the compilation to be successful.
-
Service name is part of a cycle
A circular reference in a service list definition, such that list A includes list B as a member and list B includes list A as a member. You must break the cycle for the compilation to be successful.
-
Service incorrectly defined. name...
The service is internally inconsistent. Either the service defines two state engines in the same class and subclass for the same port, or the same port and the same state engine are used twice but with different parameters. You must redefine this service for the compilation to be successful.
-
Error: "name" is not defined. Used on line # in file FILE by name
You are referring to an object (address, service) that has not yet been defined.
-
Invalid Domain Name: "name"
You have entered a domain name that has illegal characters, such as /. Use the default domain name "default."
-
Error: Domain "name" does not exist.
You have entered a nonexistent domain name. Use the default domain name "default.
-
unknown operation
You have requested an operation that is not recognized.
-
Sorry, character character not supported.
You have entered an unsupported character.
-
could not acquire lock to read data, please reissue request.
Too many concurrent processes are running.
-
could not acquire lock to write data, please reissue request.
Too many concurrent processes are running.
-
invalid input
You entered something incorrectly. Refer to the relevant man page to verify you have the correct command syntax.
-
unknown data type.
You requested an operation on an unknown data type.
-
Error: "name" cannot be a Local Certificate.
The first certificate specified is supposed to be the Administration Station's certificate. If the certificate is local to the Screen, then it cannot be the Administration Station's certificate.
-
Error: Missing Remote Certificate: "name"
The first certificate could not be found in the Certificate registry, as maintained by ssadm certificate. Be sure the entry is entered correctly.
-
Error: "name" must be a Local Certificate.
The second certificate must belong to the Screen. Try again and verify that the second certificate is the Screen's certificate.
-
Error: Could not find Local Certificate: "name"
The second certificate could not be found in the Certificate registry, as maintained by ssadm certificate. Be sure the entry is entered correctly.
-
cannot modify Address *
You attempted to modify *, which is not user-editable.
-
cannot modify Address "localhost"
You attempted to modify localhost, which is not user-editable.
-
Error: Service "SERVICE" not found
The user-indicated service is missing.
-
Warning: RULE uses invalid pair of certificate and will be ignored
A SKIP-based rule must include one local and one nonlocal certificate. If both are local, or both are nonlocal, then the rule is invalid and will be ignored. If you believe the rule is necessary for this Screen, verify that one of the certificates is local and one is nonlocal, and reactivate.
-
Warning: PROXY proxy server not found. No rule generated
You specified proxy definition cannot be found and a proxy rule was specified. The rule necessary to support the proxy cannot be generated. Be sure the appropriate proxy server is defined.
-
Error: Configuration "name" does not exist in domain name
The configuration does not exist.
-
Error: # NAT entries are incorrectly defined
The NAT entry is invalid if its public and private addresses intersect with each other or any other address in the NAT table. Be sure that no two NAT entries intersect.
-
Could not find HA Service
The service "HA Service" could not be found.
-
Service incorrectly Defined: SERVICE
The specified service is not well defined. For example, it may specify the same port for multiple state engines that conflict, like UDP and UDP-datagram.
-
Error: Interface does not exist (le0)
le0 is the name of the nonexistent interface. This happens if the global common registry being activated contains an interface that the machine that is doing the compile and activate does not have.
-
Warning: Could not verify Interface "name" exists
You added an interface and it could not be verified on the Screen.
-
Expecting "{" but found a character
The syntax entered was incorrect. See the man page for correct syntax.
-
Expecting "}" but found a character
The syntax entered was incorrect. See the man page for correct syntax.
-
Unexpected end of input
The syntax entered was incorrect. See the man page for correct syntax.
-
Invalid Range specified # - #
You entered a range where the end value was less than the start value.
-
Service definition is internally inconsistent
You specified service is not well-defined. For example, it may specify the same port for conflicting state engines, such as UDP and UDP-datagram.
- © 2010, Oracle Corporation and/or its affiliates