#!/bin/bash

###########################################################################
#
# MODULE:       Commands
# AUTHOR(S):    CacheGuard Development Team
# COPYRIGHT:    (C) 2009-2025 by CacheGuard Technologies Ltd (UK)
# COPYRIGHT:    (C) 2026-2026 by CacheGuard Technologies SAS (FR)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
###########################################################################

# Errors Table
Errors[1]="Syntax error: use the TAB key to get help."
Errors[2]="This command does not exist."
Errors[3]="This is not a valid ldap login attribute."
Errors[4]="This is not a valid ldap password attribute."
Errors[5]="This is not a valid ldap filter. Among other things and depending on the context white spaces are not allowed."
Errors[6]="This is not a valid ldap group name."
Errors[7]="This is not a valid distinguished name. Among other things and depending on the context white spaces are not allowed."
Errors[8]="This appliance is not yet registered and has no S/N."
Errors[9]="This is not a valid authentication mode."
Errors[10]="This operation is not supported or allowed in this context."
Errors[11]="This is not a valid QoS value in this context."
Errors[12]="This is not a valid IP address."
Errors[13]="This is not a valid network mask."
Errors[14]="The bandwidth is an integer greater than or equal to 1. Values are in kilobytes."
Errors[15]="A valid clock format has the form \"yyyy/mm/dd-hh:mm:ss\"."
Errors[16]="The entered domain name or full qualified domain name is not valid."
Errors[17]="This is not a valid email address."
Errors[18]="Valid state values are \"on\" or \"off\"."
Errors[19]="A valid file name should be a regular string."
Errors[20]="A valid high port number should be an integer between 1024 and 49151."
Errors[21]="This is not a valid URL."
Errors[22]="This is not a valid SNMP community string or password. Among other things white spaces are not allowed."
Errors[23]="This is not a valid timezone code. Use the \"timezonelist\" command to display valid codes."
Errors[24]="This is not a valid area code. Use the \"timezonelist\" command to display valid area codes."
Errors[25]="This is not a valid log serial number. Use an integer between 1 and ${LOGROTATE_NB}."
Errors[26]="This log does not exist."
Errors[27]="This is not a trusted file server. Use the \"access\" command to define trusted file servers."
Errors[28]="Only two chained certificates is supported by the present release."
Errors[29]="This is not a valid IKE or EAP identifier."
Errors[30]="This SSH key identifier does not exist."
Errors[31]="The logged in user is not allowed to perform this operation. To get full read/write rights login as the '${ADMIN_NAME}' user."
Errors[32]="This name or ID is reserved."
Errors[33]="This command is not available in this terminal."
Errors[34]="SNMP community string and password lengths should be equal or greater than 12 and less than or equal to 32."
Errors[35]="This is not a valid identifier. A valid identifier should begin with an alpha character and may contains alphanumeric characters, the characters underscore (_) and dash (-)."
Errors[36]="This is not a valid action. Valid actions are \"allow\" or \"deny\"."
Errors[37]="The file exclusion list includes one or more invalid file types."
Errors[38]="This IP address can't be used with this command on the present system."
Errors[39]="This URL list does not exist."
Errors[40]="This is not a valid physical network interface name."
Errors[41]="A vlan identifier is an integer between 0 and 4095."
Errors[42]="This VLAN number does not exist in the new configuration."
Errors[43]="This is not a valid logical network interface or it is not allowed in this context."
Errors[44]="This is not a valid flow sense."
Errors[45]="This is not a valid access type."
Errors[46]="This is not a valid VRRP network interface name."
Errors[47]="This is not a valid priority value. The priority value should be an integer between 0 and 255."
Errors[48]="This is not a valid HA (High Availability) role. Valid HA roles are 'master' and 'backup'."
Errors[49]="This is not a valid date frame."
Errors[50]="This is not a valid VRRP identifier. The VRRP identifier is an integer between 0 and 255."
Errors[51]="An empty password is not allowed."
Errors[52]="This is not a valid timezone."
Errors[53]="A country code should contain two alpha characters."
Errors[54]="A previous patch has been already loaded but not yet applied."
Errors[55]="It is not possible to save an empty URL list."
Errors[56]="This is not a valid destination network interface."
Errors[57]="It is not possible to change the date at this stage. Please get a license key first."
Errors[58]="This is not a valid guard filter type."
Errors[59]="This is not a valid protocol in this context."
Errors[60]="A valid port number ranges from 0 to 65535. A valid port range is in the form port1:port2 where port1 is less than or equal to port2."
Errors[61]="A valid service port number should be an integer between 1 and 49151."
Errors[62]="This is not a valid host IP address."
Errors[63]="This is not a valid file transfer protocol."
Errors[64]="This is not a valid URL list part name."
Errors[65]="This is not a valid firewall rule set."
Errors[66]="This is not a valid network IP address."
Errors[67]="It is not possible to set ports with this protocol."
Errors[68]="The first IP address should be less than or equal to the second IP address."
Errors[69]="This is not a valid role for a DHCP failover peer."
Errors[70]="This is not a valid IP network address specification."
Errors[71]="This is not a valid flow type."
Errors[72]="This website name does not exist in the new configuration."
Errors[73]="This IPsec VPN client type is not managed."
Errors[74]="The TLS component (certificate, key...) is not available."
Errors[75]="This client TLS object does not exist."
Errors[76]="The OCSP response validity days should be an integer between ${OCSP_DAYS_MIN} and ${OCSP_DAYS_MAX}."
Errors[77]="This is not a valid VPN side type. Valid VPN sides are: local and remote."
Errors[78]="This is not a valid full qualified domain name."
Errors[79]="This is not a valid host or service name."
Errors[80]="This is not a valid generic filter."
Errors[81]="This custom rule set does not exist in the new configuration."
Errors[82]="Syntax error in the filter rule file."
Errors[83]="This is not a valid VPN server identifier type."
Errors[84]="This is not a valid port name."
Errors[85]="This is not a valid logical network interface in this context."
Errors[86]="The password must be between 16 and 32 characters long and contain at least one lowercase char, one uppercase char, one digit and one special sign of !@#%.$&*-."
Errors[87]="This is not a valid URL list loading operation."
Errors[88]="It is not possible to update expression guards."
Errors[89]="Valid guard loading types are \"load\" and \"vload\"."
Errors[90]="The maximum number of items has been reached for this list."
Errors[91]="This is not a valid number of days for a certificate validity."
Errors[92]="Valid ldap protocols are \"ldap\", \"ldaps\" and \"sldap\"."
Errors[93]="Valid periods are \"weekly\" and \"daily\"."
Errors[94]="Valid periodic guard types are \"domains\" and \"urls\"."
Errors[95]="The loaded file is not in gzip compressed format."
Errors[96]="File transfer error."
Errors[97]="The max cached object size should be >= ${CACHE_MAX_OBJECT_SZ_MIN} KB and <= ${CACHE_MAX_OBJECT_SZ_MAX} KB."
Errors[98]="This is not a valid date."
Errors[99]="This is not a valid country code. You can use the \"countrylist\" command to get the list of available country codes."
Errors[100]="Run time error."
Errors[101]="It is not possible to load this URL in the cache."
Errors[102]="Another \"apply\" operation is running at this moment. Please try again later."
Errors[103]="A \"reboot\" operation is running at this moment. Please try again later."
Errors[104]="An input/output problem has occurred."
Errors[105]="The configuration is temporarily locked. If the problem persists, feel free to reboot the appliance."
Errors[106]="This command is not allowed in a transaction."
Errors[107]="A transaction has been already opened."
Errors[108]="Cancelling is not allowed because a patching process is running."
Errors[109]="The max AV file size should be greater than or equal to ${AV_MAX_FILE_MIN} kilobytes and less than or equal to ${AV_MAX_FILE_MAX} kilobytes."
Errors[110]="The default gateway should be connected to the appliance."
Errors[111]="Reading from the standard input is disabled."
Errors[112]="This is not a valid syslog protocol."
Errors[113]="This is neither a valid IP address nor a valid full qualified domain name."
Errors[114]="A certificate attribute can't be empty or contain special characters."
Errors[115]="This port is reserved for SNMP over TLS."
Errors[116]="This is not a valid SNMP version."
Errors[117]="This is not a valid SNMP v3 user name. Among other things white spaces are not allowed."
Errors[118]="This Web GUI password is not valid because it's too long or entries mismatch."
Errors[119]="This is not a well-known application supported by the WAF."
Errors[120]="No backup file has been created yet on this appliance."
Errors[121]="A DSCP value should be an integer between 0 and 63."
Errors[122]="This is not a valid list action. Valid list actions are add, del and raz."
Errors[123]="This operation is temporarily locked by another operation. You can use the \"job\" command to get a report on the current operations. If the problem persists, feel free to reboot the appliance."
Errors[124]="This certificate is not signed by the system's CA certificate."
Errors[125]="This is not a valid encryption algorithm."
Errors[126]="Private parts of a TLS client object can't be loaded."
Errors[127]="A name or identifier length should be less than or equal to ${MAX_NAME_LEN}."
Errors[128]="This is not a valid time slot."
Errors[129]="The given list contains an unknown guard filter."
Errors[130]="The given list contains an unknown guard policy."
Errors[131]="This guard policy does not exist."
Errors[132]="SNMP is not activated on this appliance."
Errors[133]="No receiver server has been configured."
Errors[134]="The new configuration should be applied first (using the apply command) before using this command."
Errors[135]="No ntp server has been configured."
Errors[136]="No auto update URL list has been configured."
Errors[137]="A weight should be greater than or equal to 0 and less than or equal to 100."
Errors[138]="This is not a valid load balancing algorithm."
Errors[139]="Allowed values for the stickiness are sticky or nosticky."
Errors[140]="An inserted load balancing cookie should begin with an alpha character and should contains alphanumeric characters only. Its length should be less than or equal to ${MAX_COOKIE_LEN}."
Errors[141]="This server TLS object does not exist."
Errors[142]="This operation is not allowed because the TLS object is in use. TLS objects can be used by the Web GUI, reverse websites, the OCSP server and VPNs."
Errors[143]="This command is not available on this appliance because it is running on a public cloud."
Errors[144]="It is not possible to create a SAN certificate with more than ${MAX_SAN_CERT_NB} names."
Errors[145]="A CA certificate can't contain special characters."
Errors[146]="Passwords mismatch."
Errors[147]="It is not possible to delete this item."
Errors[148]="In order to update/create the antivirus signature base, the antivirus mode should activated in the running configuration."
Errors[149]="This is not a valid source NAT IP address."
Errors[150]="This is not a valid destination NAT IP address."
Errors[151]="This is not a valid destination PAT port number."
Errors[152]="The specified record does not exist in this list."
Errors[153]="The size limit exceeded for the downloaded file(s)." # 153 is an internal error numner in bash
Errors[154]="This is not a valid CIDR network IP address."
Errors[155]="There is no active subscription associated to this appliance."
Errors[156]="No license key is required on this appliance."
Errors[157]="This QoS shaping rule does not exist."
Errors[158]="This is not a valid IP prefix. A valid IP prefix is integer between 1 and 32."
Errors[159]="The given value(s) exceeded the highest allowed value(s). Refer to the documentation to get more information."
Errors[160]="The given value is not allowed. Refer to the documentation to get more information."
Errors[161]="This value can't be greater than the value given during the installation."
Errors[162]="This is not a valid FTP login name."
Errors[163]="This is not a valid password for an account on a file server. Among other things white spaces are not allowed."
Errors[164]="The HA (High Availability) mode is not activated on this appliance."
Errors[165]="This is not a valid operation on this HA appliance node."
Errors[166]="The maximum number of WAF rules per reverse website has been reached."
Errors[167]="This feature can't be activated because it has been locked during the installation."
Errors[168]="It is not possible to create a backup because a backup file has been loaded previously but has not yet been applied."
Errors[169]="The minimum value should be less than or equal to the maximum value."
Errors[170]="The minimum value should be greater than or equal to zero."
Errors[171]="The maximum size for cached big objects should be >= ${CACHE_MAX_OBJECT_SZ_MIN} KB and <= $[${PROXY_CACHE_UNIT_SZ} * 1024] KB (automatically reserved area size for for big objects during installation)."
Errors[172]="A valid rule ID should be numerical."
Errors[173]="Allowed values for the stickiness mode are insert or use."
Errors[174]="The LDAP authentication mode is not activated on this appliance."
Errors[175]="No LDAP server has been configured."
Errors[176]="The timeout period was reached."
Errors[177]="A microsecond should be a digit between 1 and 9999999999999999999."
Errors[178]="Source NAT is not possible with protocols that use dynamic ports."
Errors[179]="Reverse Web hosts (backend Web servers) can only be accessed via the rweb, the external or the vpnipsec interfaces."
Errors[180]="This is not a valid route specification."
Errors[181]="It is not possible to cache objects with a size less than ${CACHE_MIN_OBJECT_SZ_MIN} KB."
Errors[182]="It is not possible to generate a TLS certificate with all specified inputs."
Errors[183]="This is not a valid exception type."
Errors[184]="This is not a valid file type in this context."
Errors[185]="This appliance has been already registered."
Errors[186]="This embedded application can't be activated on this appliance."
Errors[187]="This is not a valid encryption type in this context."
Errors[188]="This is not a valid canonical name."
Errors[189]="This is not a valid MAC address. A valid MAC address is a sequence of of 6 hexadecimal values between 00 and FF separated by the colon (":") character."
Errors[190]="This is not a valid digit."
Errors[191]="It is not possible to perform this operations on the backup file while it is being saved or loaded."
Errors[192]="Certificate validity days should be an integer between ${TLS_DAYS_MIN} and ${TLS_DAYS_MAX}."
Errors[193]="This is not a valid certificate revoking reason. Valid revoking reasons are: keyCompromise, CACompromise, affiliationChanged, superseded, cessationOfOperation and unspecified."
Errors[194]="This is not a valid VPN type. Valid VPN types are: site and access."
Errors[195]="This is not a valid IPsec VPN authentication method. Valid VPN authentication types are: psk, tls and eaptls."
Errors[196]="This is not a valid encryption algorithm. Valid encryption algorithms are: aes128, aes192, aes256, aes128ctr, aes192ctr and aes256ctr."
Errors[197]="This is not a valid integrity algorithm (authentication hash function). Valid integrity algorithms are: sha256, sha384 and sha512."
Errors[198]="This is not a valid Diffie Hellman group . Valid Diffie Hellman groups are: modp1536, modp2048, modp3072, modp4096, modp6144 and modp8192."
Errors[199]="This VPN does not exist in the new configuration."
Errors[200]="Integrity error."
Errors[201]="This is not a valid site to site IPsec VPN role. Valid roles are: active and passive (use the raz keyword to restore the default behaviour)."
Errors[202]="A PSK (Pre Shared Key) must be between 32 and 64 characters long and can't include white spaces."
Errors[203]="This website name does not exist or is not associated to the specified exposed IP address in the new configuration."
Errors[204]="This IP address is reserved."
Errors[205]="This operation is locked because the same operation is currently running. If the problem persists, feel free to reboot the appliance."
Errors[206]="This command is only available on a Manager system outside a template or gateway context."
Errors[207]="This command or command usage form can only be invoked on a Gateway system or inside a template or gateway context on a Manager system."
Errors[208]="This is not a valid manager role. Valid manager roles are 'master' and 'backup'."
Errors[209]="This logical network interface is not available on a Manager system. You can use the logical internal network interface only."
Errors[210]="This is not a valid SSH key type. Valid SSH key types are \"public\" and \"private\"."
Errors[211]="This is not a valid file operation. Valid operations on files are \"load\", \"save\" and \"del\" in some contexts."
Errors[212]="This command can't be invoked inside a template or gateway configuration context on a Manager system."
Errors[213]="This is not a valid TLS identifier. A valid TLS identifier should begin with an alpha character and may contains alphanumeric characters, the characters dash (-) and dot(.)."
Errors[214]="This command or command usage can only be invoked inside a template or gateway context on a Manager system."
Errors[215]="Unable to connect to the remote gateway system."
Errors[216]="This gateway identifier is already associated to another gateway identified by its UUID."
Errors[217]="The UUID (Universally Unique IDentifier) returned by the gateway is not in a valid format."
Errors[218]="The target template or gateway does not exist."
Errors[219]="No template or gateway in the specified domain group is present on this manager to execute commands on them."
Errors[220]="The loaded file is not in ASCII plain text format."
Errors[221]="The loaded private key is in an encrypted format."
Errors[222]="The loaded TLS component is not valid."
Errors[223]="The loaded private key is not an RSA key."
Errors[224]="The loaded certificate is not a CA certificate."
Errors[225]="The loaded SSH key is not valid."
Errors[226]="The loaded antivirus whitelist file is not valid."
Errors[227]="The loaded file size is greater than the maximum allowed size for this type of file."
Errors[228]="The manager and the remote gateway are not running the same OS version."
Errors[229]="The remote system does not seem to be a valid gateway."
Errors[230]="The remote system is not a gateway system."
Errors[231]="This command or command usage form can only be invoked on a Gateway system or outside a template or gateway context on a Manager system."
Errors[232]="This command or command usage form can only be invoked on a Gateway system."
Errors[233]="The system's CA certificate can't be loaded in DER format."
Errors[234]="This command can't be invoked inside a gateway execution context on a Manager system."
Errors[235]="This IP address has been already enrolled and associated to another gateway identifier."
Errors[236]="The specified gateway or template configuration is not yet validated and hence can't be used. Use the apply command inside that gateway or template context to validate it first."
Errors[237]="The source and destination configurations should differ."
Errors[238]="This template or gateway can't be delete because it is in use by an administrator."
Errors[239]="This command or command usage form can only be invoked on a Gateway system or inside a gateway context on a Manager system."
Errors[240]="The total number of managed users exceeds the capacity on this manager which is ${MANAGER_TOTAL_USERS_NB}."
Errors[241]="The total number of managed reverse websites exceeds the capacity on this manager which is ${MANAGER_TOTAL_RWEB_NB}."
Errors[242]="The pushed configuration to the remote gateway does not allow the pushing manager to manage the target gateway."
Errors[243]="The loaded certificate is signed by the system's CA certificate while it's serial number is associated to another TLS object identifer present in the system."
Errors[244]="This Dynamic DNS provider is not supported in this OS version."
Errors[245]="This is not a valid antivirus update method."
Errors[246]="This is not a valid manager HA role. Valid manager HA role are: master and slave."
Errors[247]="This operation is not allowed on a slave manager."
Errors[248]="A private key size should be an integer greater than or equal to 512 (bits) and less than or equal to 4096 (bits)."
Errors[249]="This is not a valid firewall dos type."
Errors[250]="Flood values should be between 1 and 10000."
Errors[251]="The maximum number of TCP SYN per single source IP should be between 0 and 1000000000. The 0 value stands for no limitation."
Errors[252]="URL list files in compressed format can't be larger than $[${MAX_URLLIST_GZ_SZ}/1024] MB."
Errors[253]="This is not a valid administrator name. A valid administrator name is a combination of alphanumeric characters and the space character."
Errors[254]="This error code means that an indirect error code has to be displayed."
Errors[255]="This is an internal unexpected error."
Errors[256]="Port numbers should be unique."
Errors[257]="A name server IP address should be different than the appliance IP addresses."
Errors[258]="The appliance IP addresses cannot belong to overlapped networks."
Errors[259]="An ntp IP address should be different than the appliance IP addresses."
Errors[260]="A peer IP address should be different than the appliance IP addresses."
Errors[261]="Gateways in the routing table should be connected to the appliance."
Errors[262]="There is a peer IP address conflict. A peer is declared as several peer types."
Errors[263]="Real IP addresses and associated VRRP IP should not be different and belong to the same valid network."
Errors[264]="A logical network interface should contain at least one physical network interface."
Errors[265]="A physical NIC can't belong to more than one logical NIC."
Errors[266]="It is not possible to define a route for a connected network."
Errors[267]="It is not possible to NAT the destination IP address to the appliance IP address itself."
Errors[268]="A DHCP range should be a subset of the internal (or web VLAN) network."
Errors[269]="The DHCP IP ranges cannot overlap one another."
Errors[270]="The IP address of a DHCP failover peer should be different than the internal (or web vlan) IP address."
Errors[271]="At least one DHCP IP address range or a fixed IP address should be defined to activate the DHCP server."
Errors[272]="It is not possible to activate the DHCP server without setting an internal (or web vlan) IP address."
Errors[273]="The number of DHCP IP addresses in defined ranges exceeds the number of installed end users."
Errors[274]="The \"guard\" mode can only be activated when the forwarding Web proxy is activated. To activate the forwarding Web proxy turn the \"web\" or \"tweb\" (transparent web) modes on."
Errors[275]="It is not possible to setup a next peer when the \"rweb\" mode is activated."
Errors[276]="URL lists auto load configuration contains a non trusted file server."
Errors[277]="A reverse website name should be different than the appliance full qualified domain name (<hostname>.<domainname>."
Errors[278]="It is not possible to deactivate all (internal, external, auxiliary or vpnipsec) administration access topology."
Errors[279]="The HA (High Availability) mode is activated but VRRP IP addresses are not configured."
Errors[280]="When the \"ha\" mode is activated, the IP address associated to a reverse website should be a VRRP IP address."
Errors[281]="To activate the ldap authentication mode, ldap servers and possibly bind information should be defined."
Errors[282]="It is not possible to mix authentication sldap servers with authentication ldap and/or ldaps servers."
Errors[283]="It is not possible to activate the authentication mode with the transparent mode only."
Errors[284]="It is not possible to activate the authentication mode if both web and rweb authenticated targets are deactivated."
Errors[285]="The public IP of a reverse website should belong to a valid external IP network."
Errors[286]="Multiple gateways for the same routed network should belong to the same connected network."
Errors[287]="A reverse website should be associated at least to one real backend web server."
Errors[288]="One of the TLS, TCP or UDP protocols should be activated for the SNMP service."
Errors[289]="The file server account (login/password) list contains a non trusted file server."
Errors[290]="New third party CA certificates can't be empty and should be loaded/imported from a trusted file server."
Errors[291]="Shaped bandwidth expressed in Kbps should be less than or equal to the given network interface bandwidth limit."
Errors[292]="To activate the authentication mode, at least one authentication type (ldap, kerberos...) should be activated."
Errors[293]="To activate the kerberos authentication mode, kerberos server(s) should be defined."
Errors[294]="To activate the kerberos authentication mode, the domain name should contain at least one dot (".") character."
Errors[295]="Guard policies can't use LDAP based filters while the authentication mode is deactivated."
Errors[296]="A DHCP fixed IP address should belong to the internal (or web VLAN) network."
Errors[297]="The number of DHCP fixed IP addresses exceeds the number of installed end users."
Errors[298]="The WAF mode can only be activated while the rWeb (reverse Web) mode is activated."
Errors[299]="The transparent Web source NAT mode can only be deactivated while the router mode is activated."
Errors[300]="It is not possible to sign certificates because the appliance system's CA is outdated."
Errors[301]="IP addresses (including VRRPs and rWeb alias IPs) can't be used as a gateway in the routing configuration."
Errors[302]="HTTPS rWeb (reverse Web) sites should be associated to existing TLS objects that include a private key. In case where a chain certificate is specified, all referenced CA should also exist."
Errors[303]="The IPsec VPN authentication method is based on an inexistent SSL certificate or an SSL certificate without an associated private key. In case where the identifier to use for the authentication is based on an FQDN, the SSL certificate should be a SAN certificate excluding any wildcard names."
Errors[304]="The IPsec VPN site mode is activated but no IPsec VPN site is defined."
Errors[305]="The IPsec VPN site mode is activated while no remote network is defined or a defined remote network is a local connected network."
Errors[306]="In IPsec VPN site mode, remote IPsec VPN peer IPs should be different than the external IP address."
Errors[307]="In IPsec VPN site mode, remote IPsec VPN peer IPs should be unique."
Errors[308]="In IPsec VPN access mode, a defined remote network should be different than local connected networks."
Errors[309]="The main IP configuration and defined IPsec VPN networks are inconsistent. Review the IPsec VPN network configuration (using the \"vpnipsec\" command) and/or the main IP configuration (using the \"ip\" command). Refer to the \"vpnipsec\" command manual (or use the \"help vpnipsec\" command from the CLI) for further information."
Errors[310]="The TLS object used to sign/check OCSP responses should exist and include a private key and a certificate that has been signed by the system's CA certificate."
Errors[311]="It is not possible to overwrite the system's CA certificate because there are active certificates signed by this system's CA."
Errors[312]="The SNMP client certificates should be self signed or be signed by a CA certificate known by the system. Import missing CA certificate using the \"tls\" command."
Errors[313]="A standby gateway (with a weight of 0) can't be the unique gateway to route the traffic for a network. Add at least one non standby gateway (with a weight greater than 0) for that network."
Errors[314]="The Web GUI uses inexistent TLS identifier(s)."
Errors[315]="The total number of gateways used to route more than one network can't exceed ${MAX_MULTI_GATEWAYS}."
Errors[316]="IPsec VPNs via gateways should exist and be external. An external gateway is a gateway that is connected to the external interface."
Errors[317]="When more than one external gateway is defined, at least one master gateway should be explicitly associated to each VPN. An external gateway is a gateway that is connected to the external interface."
Errors[318]="If more than one gateway is specified for a network to route, only one can be in standby mode (with a weight of 0)."
Errors[319]="In a site to site IPsec VPN configuration, backup IP addresses assigned to a remote peer should be different than the master IP assigned to that peer. The master IP of a remote peer, is the one that is set when adding the site to site VPN."
Errors[320]="Reverse website via gateways should exist and be external. An external gateway is a gateway that is connected to the external interface."
Errors[321]="When more than one external gateway is defined, at least one master gateway should be explicitly associated to each reverse website identified by a site name and a public IP address. An external gateway is a gateway that is connected to the external interface."
Errors[322]="A via gateway associated to an IPsec VPN can’t be a standby gateway (with a weight of 0)."
Errors[323]="A via gateway associated to a reverse website can’t be a standby gateway (with a weight of 0)."
Errors[324]="Global via gateways should exist and be external. An external gateway is a gateway that is connected to the external interface."
Errors[325]="When more than one external gateway is defined, at least one master via gateway should be globally defined. An external gateway is a gateway that is connected to the external interface."
Errors[326]="A global via gateway can’t be a standby gateway (with a weight of 0)."
Errors[327]="SSH administration can’t be disabled when the system is managed by a manager. Remove all manager accesses to to be able to disable the SSH administration."
Errors[328]="The manager access list contains a member for which a public SSH key has not been defined."
Errors[329]="A private key associated to the system's CA certificate is loaded while its related CA certificate itself is not loaded at the same time."
Errors[330]="The loaded system's CA certificate and its related (loaded or existing) private key don't match."
Errors[331]="Loaded client certificates should be signed by the system's CA certificate."
Errors[332]=""
Errors[333]="A loaded server certificate and its related (loaded or existing) private key don't match."
Errors[334]="A server certificate can't be imported because a certificate with the same subject and serial number already exists and it has been signed by the system's CA certificate."
Errors[335]="The appliance does not have enough RAM to activate this new configuration."
Errors[336]="The manager’s private and public SSH keys should be loaded at the same time to allow the system to verify that they match."
Errors[337]="The loaded manager’s private and public SSH keys are not compatible each with other."
Errors[338]="The number of defined reverse websites in the configuration exceeds the maximum number of allowed reverse websites on the remote gateway."
Errors[339]="The number of defined server certificates in the configuration exceeds the maximum number of allowed server certificates on the remote gateway."
Errors[340]="URL lists auto update configuration contains at least one record that uses the push method while no remote manager system has been configured to access the system."
Errors[341]="The \"compress\" mode can only be activated when the forwarding or reverse Web proxies are activated. To activate the forwarding Web proxy turn the \"web\" or \"tweb\" (transparent web) modes on. To activate the reverse Web proxy turn the \"rweb\" mode on."
Errors[342]="The \"cache\" mode can only be activated when the forwarding or reverse Web proxies are activated. To activate the forwarding Web proxy turn the \"web\" or \"tweb\" (transparent web) modes on. To activate the reverse Web proxy turn the \"rweb\" mode on."
Errors[343]="The \"sslmediate\" mode can only be activated when the forwarding Web proxy is activated. To activate the forwarding Web proxy turn the \"web\" or \"tweb\" (transparent web) modes on."
Errors[344]="When the forwarding Web proxy is activated only in transparent mode (\"tweb\" mode is turned on and \"web\" mode is turned off), the  \"sslmediate\" mode can be turned on only if the SSL mediation is turned on in transparent mode (\"sslmediate transparent\" is turned on)."
Errors[345]="The update method for the extended antivirus is set to push while no remote manager system has been configured to access the system."
Errors[346]=""
Errors[347]="The HA mode is activate on the manager while the IP address of the remote peer manager is not specified. In addition, a slave manager must know the SSH public key of its remote master peer."
Errors[348]="On a gateway system running on a public cloud, the NIC associated to the logical external interface, can only be eth0."
Errors[349]="On a gateway system running on a public cloud, the NIC associated to the logical internal interface, can only be eth1."
Errors[350]="On a manager system running on a public cloud, the NIC associated to the logical internal interface, can only be eth0."
Errors[351]="On a gateway system running on a public cloud, the external interface IP configuration can't be modified."
Errors[352]="On a gateway system running on a public cloud, the internal interface IP configuration can't be modified."
Errors[353]="On a manager system running on a public cloud, the internal interface IP configuration can't be modified."
Errors[354]="On a system running on a public cloud, the default route can only be the one that has been assigned by the public cloud environment."
Errors[355]="This appliance requires at least ${MIN_NIC_NB} network interface cards."
Errors[356]="On a gateway system running on a public cloud, the VLAN mode can't be activated."
Errors[357]="On a gateway system running on a public cloud, the HA mode can't be activated."
Errors[358]="At least one URL list is referenced in a guard rule while it is inexistent."
Errors[359]="At least one URL list is referenced in the SSL mediation exception list while it is inexistent."
Errors[360]="The specified CA certificate associated to LDAPS server is inexistent."
Errors[361]="The ${EMBEDDED_VPNSUBSCR_CLI_NAME} embedded application should be associated to an existing TLS object that includes a private key. In case where a chain certificate is specified, all referenced CA should also exist."
Errors[362]="At least one site to site IPsec VPN uses an inexistent TLS identifier."
Errors[363]="On a gateway system running on a public cloud, the public IP of a reverse website should not differ from the appliance external IP address."
Errors[364]="HTTP to HTTPS redirection for mono protocol (HTTP xor HTTPS) reverse websites is not supported."
Errors[365]="A reverse website name should be different than the chosen name for the ${EMBEDDED_VPNSUBSCR_CLI_NAME} embedded application."
Errors[366]="The ${EMBEDDED_VPNSUBSCR_CLI_NAME} embedded applications can't be activated in HA mode."
Errors[367]="The ${EMBEDDED_VPNSUBSCR_CLI_NAME} embedded applications can't be activated when the \"rweb\" mode is deactivated."
Errors[368]="The ${EMBEDDED_VPNSUBSCR_CLI_NAME} embedded applications can't be activated on this appliance without providing a license key."
Errors[369]="The Auditing Web GUI can't be activated when the Administration Web GUI is deactivated."
Errors[370]="The specified CA certificate for the SSL-based syslog servers does not exist."
Errors[371]=""
Errors[372]=""
Errors[373]=""
Errors[374]=""
Errors[375]=""
Errors[376]=""
Errors[377]=""
Errors[378]=""
Errors[379]=""
Errors[380]=""
Errors[381]=""
Errors[382]=""
Errors[383]=""
Errors[384]=""
Errors[385]=""
Errors[386]=""
Errors[387]=""
Errors[388]=""
Errors[389]=""
Errors[390]=""
Errors[391]=""
Errors[392]=""
Errors[393]=""
Errors[394]=""
Errors[395]=""
Errors[396]=""
Errors[397]=""
Errors[398]=""
Errors[399]=""
Errors[400]=""
Errors[401]=""
Errors[402]=""
Errors[403]=""
Errors[404]=""
Errors[405]=""
Errors[406]=""
Errors[407]=""
Errors[408]=""
Errors[409]=""
Errors[410]=""
Errors[411]=""
Errors[412]=""
Errors[413]=""
Errors[414]=""
Errors[415]=""
Errors[416]=""
Errors[417]=""
Errors[418]=""
Errors[419]=""
Errors[420]=""
Errors[421]=""
Errors[422]=""
Errors[423]=""
Errors[424]=""
Errors[425]=""
Errors[426]=""
Errors[427]=""
Errors[428]=""
Errors[429]=""
Errors[430]=""
Errors[431]=""
Errors[432]=""
Errors[433]=""
Errors[434]=""
Errors[435]=""
Errors[436]=""
Errors[437]=""
Errors[438]=""
Errors[439]=""
Errors[440]=""
Errors[441]=""
Errors[442]=""
Errors[443]=""
Errors[444]=""
Errors[445]=""
Errors[446]=""
Errors[447]=""
Errors[448]=""
Errors[449]=""
Errors[450]=""
Errors[451]=""
Errors[452]=""
Errors[453]=""
Errors[454]=""
Errors[455]=""
Errors[456]=""
Errors[457]=""
Errors[458]=""
Errors[459]=""
Errors[460]=""
Errors[461]=""
Errors[462]=""
Errors[463]=""
Errors[464]=""
Errors[465]=""
Errors[466]=""
Errors[467]=""
Errors[468]=""
Errors[469]=""
Errors[470]=""
Errors[471]=""
Errors[472]=""
Errors[473]=""
Errors[474]=""
Errors[475]=""
Errors[476]=""
Errors[477]=""
Errors[478]=""
Errors[479]=""
Errors[480]=""
Errors[481]=""
Errors[482]=""
Errors[483]=""
Errors[484]=""
Errors[485]=""
Errors[486]=""
Errors[487]=""
Errors[488]=""
Errors[489]=""
Errors[490]=""
Errors[491]=""
Errors[492]=""
Errors[493]=""
Errors[494]=""
Errors[495]=""
Errors[496]=""
Errors[497]=""
Errors[498]=""
Errors[499]=""
Errors[500]=""
Errors[501]=""
Errors[502]=""
Errors[503]=""
Errors[504]=""
Errors[505]=""
Errors[506]=""
Errors[507]=""
Errors[508]=""
Errors[509]=""
Errors[510]=""
Errors[511]=""
Errors[512]="The current server name for the administrator email account is not set."
Errors[513]="The current TCP port number associated to the email server for the administrator email account is not set."
Errors[514]="The current username for the administrator email account is not set."
Errors[515]="The email can't be sent."
Errors[516]="This is not a valid port number."
Errors[517]="This is not an email account username."
Errors[518]="The private part of the specified TLS client is no longer available on this system."
Errors[519]="This is not a valid embedded application reference."
Errors[520]="The input name can't be an IP address in this context."
Errors[521]="An EAP-TLS based authentication for a site to site IPsec tunnel can't be based on a certificate."
Errors[522]="This is not a valid Site to Site IPsec VPN authentication method. Valid VPN authentication types are psk and tls."
Errors[523]="This is not a valid API key."
Errors[524]="Can't generate the Authenticator key."
Errors[525]="The generated secret key can't be verified."
Errors[526]="This command is reserved."
Errors[527]="This administrator user is inexistant."
Errors[528]="This is not a valid dynamic DNS account username."
Errors[529]="The Dynamic DNS is not active."
Errors[530]="The Dynamic DNS update interval must be between ${MIN_DYNAMIC_DNS_INTERVAL} and ${MAX_DYNAMIC_DNS_INTERVAL} minutes."
Errors[531]="The maximum supported password length is ${MAX_LEN} characters."
Errors[532]="The Dynamic DNS service did not return an IP address."
Errors[533]="The appliance was unable to successfully contact the Dynamic DNS update service."
Errors[534]="This log type is not valid."

# Warnings Table
Warnings[1]="This vlan does not exist in the current configuration."
Warnings[2]="This VLAN deos not exist in the new configuration."
Warnings[3]="The Web compression has been disabled in traffic transiting via the forwarding proxy due to the activation of the antivirus mode."
Warnings[4]="Multiple HTTPS websites share the same IP address. Make sure that those HTTPS websites use the same TLS object which should include a SAN or wildcard certificate."
Warnings[5]="The specified gateway exist but it does not belong to the specified domain."
Warnings[6]="This information is not available in a template context."
Warnings[7]="An already applied/activated certificate revocation can't be cancelled."
Warnings[8]="The certificate has been already revoked an its revocation reason can't be changed."
Warnings[9]="In case where the update method for extended antivirus signatures is \"push\", their explicit updates are fully effective after an explicit antivirus update operation at the manager level."
Warnings[10]="In case where the update method for extended antivirus signatures is \"push\", their explicit creations from scratch are fully effective after an explicit antivirus create operation at the manager level."

# Messages Table
Informations[0]="This is an asynchronous command. Check the termination by using the keyword \"report\"."
Informations[1]="The configuration is consistent."
Informations[2]="This command can't be executed on a remote gateway and therefore it has been ignored."
Informations[3]="No patch is available for this appliance (the current OS version is the latest)."
Informations[4]="A newer version is available but a reinstallation from scratch is needed to upgrade."
Informations[5]="No gateway is configured on this system."
Informations[6]="The email has been successfully sent."
Informations[7]="The 2FA has been activated for your account. The next time you login you should enter your verification code in addition to your usual login password."
