2024-04-11 15:25:58

H3C IPsec Debug (Part 1) (the entire IPsec negotiation process; very useful for learning and troubleshooting)



Source: H3C CR16000-F Router Debugging Command Reference-R826X-6W100, 12-Security


https://www.h3c.com/cn/d_202205/1616066_30005_0.htm



IPsec

1.1  IPsec Debugging Commands

1.1.1  debugging ipsec

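The debugging ipsec command enables IPsec debugging.

The undo debugging ipsec command disables IPsec debugging.

[Syntax]

debugging ipsec { all | error | event | packet [ { policy | ipv6-policy } policy-name [ seq-number ] | profile profile-name | spi { ipv4-address | ipv6 ipv6-address } { ah | esp } spi-number | remote { ipv4-address | ipv6 ipv6-address } ] }

undo debugging ipsec { all | error | event | packet }

[Default]

IPsec debugging is disabled.

[Views]

User view

[Predefined user roles]

network-admin

[Parameters]

all: Specifies all types of IPsec debugging.

error: Specifies IPsec error debugging.

event: Specifies IPsec event debugging.

packet: Specifies IPsec packet debugging.

policy: Specifies an IPsec policy.

ipv6-policy: Specifies an IPv6 IPsec policy.

policy-name: Specifies the name of the IPsec policy, a case-insensitive string of 1 to 63 characters.

seq-number: Specifies the sequence number of the IPsec policy entry, in the range of 1 to 6553.

profile profile-name: Specifies an IPsec profile. profile-name is the name of the IPsec profile, a case-insensitive string of 1 to 63 characters.

spi: Specifies the SPI triplet (SPI, security protocol, and remote address of the IPsec tunnel).

ipv4-address: Specifies the remote IPv4 address of the IPsec tunnel.

ipv6 ipv6-address: Specifies the remote IPv6 address of the IPsec tunnel.

ah: Specifies the AH protocol.

esp: Specifies the ESP protocol.

spi-number: Specifies the SPI number, in the range of 256 to 4294967295.

remote: Specifies the remote IP address of the IPsec tunnel.

ipv4-address: Specifies the remote IPv4 address of the IPsec tunnel.

ipv6 ipv6-address: Specifies the remote IPv6 address of the IPsec tunnel.

[Usage guidelines]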

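Table 1-1 Description of the debugging ipsec error command output

| Field | Description |
| --- | --- |
| Failed to allocate memory. | Memory allocation failed. |
| Failed to set an IPv6 header variable to 0. | An error occurred while zeroing the mutable part of the IPv6 header. |
| Failed to add SP entry in kernel. | Failed to add an SP (Security Policy) entry to the kernel. |
| Failed to find SP entry in kernel. | Failed to find the SP entry in the kernel. |
| The SP doesn't exist in kernel. | The SP does not exist in the kernel. |
| The IPsec tunnel doesn't exist in kernel. | The IPsec tunnel does not exist in the kernel. |
| The DPD doesn't exist in kernel. | The DPD (Dead Peer Detection) entry does not exist in the kernel. |
| Failed to require CCFJOB structure. | Failed to request a CCF JOB structure. |
| Failed to encrypt CCF. | CCF encryption failed. |
| The SA doesn't exist. | The SA does not exist. |
| Failed to decrypt CCF. | CCF decryption failed. |
| Failed to create CCF session. | Failed to create a CCF session. |
| The packet hash values don’t match. | The hash value of the decapsulated packet does not match. |
| No SA in IPsec tunnel. | The IPsec tunnel contains no SA. |
| Can't find next SA in AH-ESP mode. | The next SA cannot be found in AH-ESP mode. |
| IPsec tunnel has been deleted or updated when fast forwarding is performed. | The IPsec tunnel had already been deleted or updated during fast forwarding. |
| Packet should have been encrypted by IPsec. | The packet should have been protected by IPsec. |
| SA has been deleted or updated when fast forwarding is performed. | The SA had already been deleted or updated during fast forwarding. |
| In transport mode, SA address doesn’t match packet address. | In transport mode, the address in the packet does not match the address in the SA. |
| The packet is too big: size = size. | The packet is too large; the packet size is size. |
| Failed to add outer IP header. | Failed to add the outer IP header. |
| The packet is not an IPsec packet. | The packet is not an IPsec packet. |
| Can't find SP. | The SP cannot be found. |
| Can't find SA by SP. | No matching SA can be found by the SP. |
| Failed to add node to invalid SPI hash table. | Failed to add a node to the invalid SPI hash table. |
| Failed to add SA to IPsec tunnel. | Failed to add the SA to the IPsec tunnel. |
| Failed to connect to the IPsec daemon. | Failed to connect to the user-space IPsec daemon. |
| The block-flow-table doesn't exist. | The block-flow table does not exist. |
| The ACL mode is wrong. | The ACL mode is wrong. |
| Received replayed packet. | A replayed packet was received. |
| Can’t find SA when processing ICMP too big packet: SPI = spi. | The SA cannot be found while processing an ICMP packet-too-big message; the SPI value is spi. |
| No SA in IPsec tunnel. | The IPsec tunnel has no SA at all. |
| Invalid IPsec profile index. | The IPsec profile index is invalid. |
| Failed to get IPsec profile name. | Failed to get the IPsec profile name. |
| After decryption, source address check failed. | The source address check failed after decapsulation. |
| Failed to create lipc socket. | Failed to create the lipc socket. |
| The SP already exists. | The SP already exists. |
| Failed to add SP in kernel. | Failed to add the SP to the kernel. |
| Failed to add profile SP in kernel | Failed to add the profile SP to the kernel. |
| Failed to add SA in kernel. | Failed to add the SA to the kernel. |
| Failed to delete SA in kernel. | Failed to delete the SA from the kernel. |
| Failed to add IPsec tunnel in kernel. | Failed to add the IPsec tunnel to the kernel. |
| Failed to delete tunnel in kernel. | Failed to delete the IPsec tunnel from the kernel. |
| Failed to add DPD in kernel. | Failed to add the DPD entry to the kernel. |
| Failed to delete DPD in kernel. | Failed to delete the DPD entry from the kernel. |
| The SP entry doesn't exist in kernel. | The SP entry does not exist in the kernel. |
| Number of SAs exceeded the limit. | The number of SAs exceeds the maximum. |
| Failed to create IPsec IF-CB. | Failed to create the IPsec interface control block. |
| Failed to set IPsec IF-CB to interface (ifIndex = ifindex) | Failed to set the IPsec interface control block on the interface; the interface index is ifindex. |
| Failed to change the aging timer for block-flow-table. | Failed to change the aging time of the block-flow table. |
| Failed to create policy/template. | Failed to create the policy/template from the command line. |
| Failed to create policy/template group. | Failed to create the policy group/template group from the command line. |
| Failed to initialize policy hash table. | Failed to initialize the policy hash table. |
| Failed to recover policy/template. | Failed to restore the policy/template. |
| Failed to recover policy/template group. | Failed to restore the policy group/template group. |
| Failed to recover transform reference. | Failed to restore the transform set references. |
| Failed to save policy/template/profile info to DBM. | Failed to save the policy/template/profile information to DBM. |
| Failed to delete policy/template/profile info from DBM. | Failed to delete the policy/template/profile information from DBM. |
| Failed to save system configuration to DBM. | Failed to save the system configuration to DBM. |
| Failed to save transform configuration to DBM. | Failed to save the transform set configuration to DBM. |
| Failed to get system configuration from DBM. | Failed to read the system configuration from DBM. |
| Failed to save source interface configuration to DBM. | Failed to save the source interface configuration to DBM. |
| Failed to save interface configuration to DBM. | Failed to save the interface configuration to DBM. |
| Failed to get interface name by ifIndex. | Failed to get the interface name by interface index. |
| Failed to start IPsec daemon. | Failed to start the IPsec process. |
| Failed to alloc SP index. | Failed to allocate an SP index. |
| Failed to malloc SP. | Failed to allocate SP resources. |
| Failed to malloc SP entry. | Failed to allocate SP entry resources. |
| Failed to update kernel SP entry. | Failed to update the SP entry in the kernel. |
| Failed to find SP entry. | Failed to find the SP entry. |
| Failed to add SP to array. | Failed to add the SP to the array. |
| Failed to find template group. | Failed to find the template group. |
| Failed to add policy SP to kernel | Failed to add the policy SP to the kernel. |
| Failed to find policy SP. | Failed to find the policy SP. |
| Failed to add profile SP to kernel. | Failed to add the profile SP to the kernel. |
| Failed to get SP when filling ISAKMP SA data. | Failed to get the SP while filling in ISAKMP SA data. |
| Failed to get DPD when filling ISAKMP SA data. | Failed to get the DPD entry while filling in ISAKMP SA data. |
| Failed to add IPsec tunnel when adding manual SA. | Failed to add the IPsec tunnel while adding a manual SA. |
| Failed to add IPsec tunnel during ISSU update process. | Failed to add the IPsec tunnel during an ISSU upgrade. |
| Failed to add SA when adding manual SA. | Failed to add the SA while adding a manual SA. |
| Failed to fill SA when adding ISAKMP SA. | Failed to fill in the SA while adding an ISAKMP-mode SA. |
| Failed to add IPsec tunnel when adding ISAKMP SA. | Failed to add the IPsec tunnel while adding an ISAKMP-mode SA. |
| Failed to add timer when adding ISAKMP SA. | Failed to add the timer while adding an ISAKMP-mode SA. |
| Failed to alloc SPI. | Failed to allocate an SPI. |
| Failed to alloc new SPI for ISAKMP SA. | Failed to allocate a new SPI for the ISAKMP-mode SA. |
| Failed to alloc larva SA index when adding larva SA. | Failed to allocate a temporary SA index while adding a temporary SA. |
| Failed to add larval SA. | Failed to add the temporary SA. |
| Failed to alloc SA index. | Failed to allocate an SA index. |
| Failed to alloc ISAKMP SA index. | Failed to allocate an index for the ISAKMP-mode SA. |
| Failed to alloc manual SA index. | Failed to allocate an index for the manual SA. |
| Failed to add SA. | Failed to add the SA. |
| Failed to add SA to kernel. | Failed to add the SA to the kernel. |
| Failed to add SA to kernel during ISSU update process. | Failed to add the SA to the kernel during an ISSU upgrade. |
| Failed to alloc DPD Index. | Failed to allocate a DPD index. |
| Failed to add DPD timer. | Failed to add the DPD timer. |
| Failed to add DPD to kernel. | Failed to add the DPD entry to the kernel. |
| Failed to add DPD timer during smooth processing with IKE. | Failed to add the DPD timer during smooth processing with IKE. |
| Failed to add DPD to kernel during smooth processing with IKE. | Failed to add DPD data to the kernel during smooth processing with IKE. |
| The same outbound profile SA has existed. SPI: spi Protocol: protocol. | An identical outbound profile SA (an SA generated by an IPsec profile) already exists. The SPI value is spi and the protocol type is protocol. |
| The same outbound policy SA has existed. SPI: spi, Remote address: remote-addr, Protocol: protocol. | An identical outbound policy SA (an SA generated by an IPsec policy) already exists. The SPI value is spi, the remote address is remote-addr, and the protocol type is protocol. |
| Failed to generate static route. | Failed to generate route information when creating the IPsec tunnel. |
| Failed to add static route. | The routing module failed to add the static route when the IPsec tunnel was created. |
| Failed to delete static route. | The routing module failed to delete the static route when the IPsec tunnel was deleted. |
| Failed to notify route module of starting to smooth IPv4 static routes. | During route smooth processing with the routing module, the notification telling the routing module to start smoothing IPv4 routes failed. |
| Failed to notify route module of starting to smooth IPv6 static routes. | During route smooth processing with the routing module, the notification telling the routing module to start smoothing IPv6 routes failed. |
| Failed to subscribe service events. | Failed to subscribe to service events. |
| Failed to set IPsec fragmentation before encryption configuration to kernel. | Failed to set the IPsec fragmentation-before-encryption feature in the kernel. |
| Can't find IPsec policy when setting group name. | Failed to find the IPsec policy while setting the GDOI group name. |
| Failed to create GDOI SA entry. | Failed to create the GDOI SA entry. |
| Failed to allocate GDOI IPsec SA index. | Failed to allocate an index resource for the GDOI-type IPsec SA. |
| Failed to find GDOI SP SA entry. | Failed to find the GDOI-type SP SA entry. |
| Failed to get SP when comparing decrypted packets with ACL. | Failed to find the SP while matching the decapsulated packet against the ACL. |
| Failed to pre-fragment packet. Dropped the packet. | Pre-fragmentation of the packet failed; the packet was dropped. |
| Can't find shared source SP entry. | The SP entry of the shared source interface cannot be found. |
| Inbound IPsec processing: source address=src-addr, destination address=des-addr, protocol=pro. Packet was dropped according to IPsec policy policyname(sequence number: seqnum). | Inbound IPsec processing: the source address is src-addr, the destination address is des-addr, and the protocol is pro. The packet was dropped according to the match result of the IPsec policy (sequence number seqnum). |
| Failed to get IF CB: ifIndex=index. | Failed to get the interface control block; the interface index is index. |
| Inbound IPsec processing: Failed to check packet by ACL. | Inbound IPsec processing: the packet failed the ACL check. |
| Inbound IPsec fast processing: SPI not match. | Inbound IPsec fast-forwarding processing: the SPI does not match the fast-forwarding table. |
| Failed to Convert Buf To Mbuf. Dropped packet. | Failed to convert the fast-forwarding BUF to a slow-forwarding MBUF; the packet was dropped. |
| Inbound IPsec fast processing: Failed to check packet by ACL. | Inbound IPsec fast-forwarding processing: the packet failed the ACL check. |
| Failed to get Packet Info. | Failed to get the packet information. |
| Inbound IPsec fast GDOI processing: Failed to check packet. | Inbound IPsec GDOI fast-forwarding processing: the packet check failed. |
| Output IPsec fast processing: Max loopCount exceeded. | Outbound IPsec fast-forwarding processing: the local loopback count of the packet exceeds the maximum. |
| Output IPsec fast processing: Failed to get IPsec cache data. | Outbound IPsec fast-forwarding processing: failed to get the IPsec fast-forwarding table data. |
| Inbound AH processing: Dropped packet matching GDOI SA (SPI: spi). | Inbound AH packet processing: a packet matching a GDOI-type SA (SPI spi) was dropped. |
| Failed to add IPsec SA in kernel: invalid IPsec SA index. | Failed to add the IPsec SA in the kernel; the index of the IPsec SA is invalid. |
| Failed to add IPsec SA to array hash in kernel. | Failed to add the IPsec SA to the hash queue in the kernel. |
| Failed to add IPsec SA to outbound hash in kernel. | Failed to add the IPsec SA to the outbound hash queue in the kernel. |
| Failed to add IPsec SA to inbound hash in kernel. | Failed to add the IPsec SA to the inbound hash queue in the kernel. |
| Failed to get packet information. | Failed to get the information of the decapsulated packet. |
| No SA in GDOI flow. | No SA can be found to protect the GDOI flow. |
| Failed to add outbound SA (index: index) for GDOI flow. | Failed to set the outbound SA that protects the GDOI flow. |
| Failed to add flow to HIPAC. | Failed to add the flow to the flow table. |
| Failed to alloc memory in kernel. | Failed to allocate memory in the kernel. |
| Failed to add GDOI flow to array hash table in kernel. | Failed to add the GDOI-type flow to the hash table in the kernel. |
| Failed to add GDOI flow in kernel. | Failed to add the GDOI-type flow in the kernel. |
| Failed to find IPsec SA with index index when switching SA in kernel. | Failed to find the IPsec SA by index index while switching SAs in the kernel. |
| Can't find policy/template when setting security ACL. | Failed to find the IPsec policy/template while setting the security ACL. |
| Failed to add GDOI flow to SP. | Failed to add the GDOI-type flow information to the SP. |
| Failed to add IPsec SA when adding GDOI SA to SP. | Failed to add the IPsec SA while adding the GDOI SA to the SP. |
| Failed to find GDOI SP when adding GDOI SA to SP. | Failed to find the GDOI SP while adding the GDOI SA to the SP. |
| Failed to find IPsec SP when adding GDOI SA to SP. | Failed to find the IPsec SP while adding the GDOI SA to the SP. |
| Failed to send message of dereference GDOI group to GM. | Failed to send to the GM the message that the IPsec policy no longer references the GDOI group. |
| Failed to send message of reference GDOI group to GM. | Failed to send to the GM the message that the IPsec policy references the GDOI group. |
| Failed to add download resource to GDOI SP. | Failed to add the flow and IPsec resources delivered by the KS to the GDOI SP. |
| Failed to add GDOI SP index. | Failed to add the GDOI SP index. |
| Failed to create GDOI SP. | Failed to create the GDOI SP. |
| Failed to get GDOI group. | Failed to get the GDOI group. |
| Failed to find GDOI SA entry to set current SPI(spi). | Failed to find the GDOI SA entry while setting SPI spi as the current SPI. |
| Failed to set outbound IPsec SA (index: index) to kernel. | Failed to set the outbound IPsec SA with index index in the kernel. |
| Failed to find GDOI IPsec SA index with SPI spi to set outbound IPsec SA. | Failed to find the index of the GDOI-type IPsec SA with SPI spi while setting the outbound IPsec SA. |
| Failed to add all GDOI SA entries to SP. | Failed to add all GDOI SAs to the SP. |
| Failed to add IPsec SA index to GDOI SP SA entry. | Failed to add the IPsec SA index to the GDOI SP SA entry. |
| Failed to create GDOI SP flow. | Failed to create the GDOI SP flow. |
| Failed to find IPsec GDOI SP when clearing ACL check flag. | Failed to find the IPsec GDOI SP while clearing the ACL check flag. |
| Failed to find IPsec GDOI SP when setting ACL check flag. | Failed to find the IPsec GDOI SP while setting the ACL check flag. |
| Failed to find GDOI SP when display GDOI SA. | Failed to find the GDOI SP while displaying the GDOI SA. |
| Failed to find SP SA Entry when display GDOI SA. | Failed to find the SP SA entry while displaying the GDOI SA. |
| Failed to get packet information. | Failed to get the information of the decrypted packet. |
| No IPv6 SA in GDOI Flow. | The GDOI flow has no IPv6 SA. |
| Failed to add GDOI IPsec SA in kernel. | Failed to add the GDOI-type IPsec SA in the kernel. |
| Failed to delete GDOI IPsec SA in kernel. | Failed to delete the GDOI-type IPsec SA in the kernel. |
| Failed to switch GDOI IPsec SA (index: index) in kernel. | Failed to switch the GDOI IPsec SA (index index) in the kernel. |
| Failed to find IPsec SA with index (index) when updating SA in kernel. | Failed to find the IPsec SA (index index) while updating the SA in the kernel. |
| Failed to allocate asynchronous encryption data memory. | Failed to allocate memory for asynchronous encryption data. |
| Failed to allocate asynchronous data. | Failed to allocate memory for asynchronous data. |
| Failed to match ACL by packet information. | The packet information failed to match the ACL. |
| Inbound AH processing: Dropped packet matching GDOI SA (SPI: spi). | Inbound AH packet processing: a packet matching the GDOI SA with SPI spi was received and dropped. |
| Inbound AH IPv6 processing: Dropped packet matching GDOI SA (SPI: spi). | Inbound AH IPv6 packet processing: a packet matching the GDOI SA with SPI spi was received and dropped. |
| Inbound AH IPv6 processing: Received invalid packet (SPI: spi). Dropped the packet. | Inbound AH IPv6 packet processing: a packet matching the GDOI SA with SPI spi was received and dropped. |
| Inbound IPsec ESP processing: Authentication failed. | Inbound IPsec ESP packet processing: authentication failed. |
| Inbound IPsec ESP processing: Received invalid SPI spi. | Inbound IPsec ESP packet processing: an invalid SPI with value spi was received. |
| Inbound IPsec processing: Failed to process QoS before decapsulation. | Inbound IPsec processing: QoS processing before decapsulation failed. |
| Failed to set IPsec fragmentation configuration to kernel. | Failed to set the IPsec fragmentation-after-encryption switch in the kernel. |
| Failed to install IKE. | Failed to initialize IKE. |
| Invalid length of synchronization update SA. | The length of the SA to be synchronously updated is invalid. |
| Processing GDOI synchronization message of switching SA (index: index): Failed to find outbound SA. | Processing the GDOI synchronization message for switching the SA with index index: failed to find the outbound SA. |
| Processing GDOI synchronization message of switching SA (index: index): Failed to find GDOI SP SA entry. | Processing the GDOI synchronization message for switching the SA with index index: failed to find the GDOI-type SP SA entry. |
| Processing GDOI synchronization message of switching SA (index: index): Failed to send sync message to kernel. | Processing the GDOI synchronization message for switching the SA with index index: failed to send the synchronization message to the kernel. |
| Invalid length of sync SA. | The length of the SA to be synchronized is invalid. |
| Failed to add SA to backup card. | Failed to add the SA to the standby MPU. |
| Failed to add local SA to backup card. | Failed to add the local SA to the standby MPU. |
| Invalid length of sync GDOI flow. | The length of the GDOI flow to be synchronized is invalid. |
| Failed to add GDOI flow.to backup card. | Failed to synchronously add the GDOI flow. |
| Failed to allocate memory to sync GDOI SP SA entry. | Failed to allocate space for the GDOI-type SP SA entry to be synchronized. |
| Failed to create synchronization GDOI SP SA entry. | Failed to create the GDOI-type SP SA entry to be synchronized. |
| Failed to add synchronization GDOI flow. | Failed to synchronously add the GDOI flow. |
| Failed to find GDOI SP SA entry to update SA (SPI: spi). | Failed to find the GDOI-type SP SA entry while updating the IPsec SA with SPI spi. |
| Failed to find outbound IPsec SA index with SPI spi to update IPsec SA. | Failed to find the index of the outbound IPsec SA with SPI spi while updating the IPsec SA. |
| Failed to update inbound and outbound IPsec SAs. | Failed to update a set of IPsec SAs. |
| Failed to get IPsec SA indexes to update inbound and outbound IPsec SAs. | Failed to get the indexes of a set of IPsec SAs while updating the IPsec SAs. |
| Failed to send IPsec SA (index: index) update message to kernel. | Failed to send to the kernel the update message for the IPsec SA with index index. |
| Updating GDOI IPsec SA: Failed to find outbound IPsec SA with index(index). | Updating the GDOI IPsec SA: failed to get the outbound IPsec SA by index index. |
| Updating outbound GDOI IPsec SA: Unsupported protocol(PROTO) . | Updating the GDOI-type outbound IPsec SA: protocol type PROTO is not supported. |
| Updating GDOI IPsec SA: Failed to find inbound IPsec SA with index(index). | Updating the GDOI-type IPsec SA: failed to find the inbound IPsec SA by index index. |
| Updating inbound GDOI IPsec SA: Unsupported protocol protocol-type. | Updating the GDOI-type inbound IPsec SA: protocol type protocol-type is not supported. |
| Smooth processiong: Failed to smooth GDOI SP flow of group (name: GroupName). | Smooth processing: failed to create the GDOI security policy flow. |
| Smooth processiong:Failed to find GDOI SP SA entry to add IPsec GDOI SA. | Smooth processing: the corresponding GDOI security policy entry cannot be found while adding the IPsec GDOI SA. |
| Smooth processiong: Failed to add IPsec GDOI SA by GDOI SA entry. | Smooth processing: failed to add the IPsec GDOI SA through the GDOI SA entry. |
| Smooth processiong: Failed to add GDOI SA to SP. | Smooth processing: failed to add the GDOI SA to the security policy. |
| Smooth processiong: Failed to create GDOI SP flow | Smooth processing: failed to create the GDOI security policy flow. |
| Smooth processiong: Failed to create GDOI SP SA entry. | Smooth processing: failed to create the GDOI security policy SA entry. |
| Failed to set GDOI outbound IPsec SA(index: index) to kernel. | Failed to deliver the GDOI outbound IPsec SA with index index to the kernel. |
| Restoring GDOI SP SA entry: Failed to allocate GDOI SP SA entry. | Restoring the GDOI security policy SA entry: failed to allocate space for the GDOI security policy SA entry. |
| Failed to restore GDOI IPsec SA index. | Failed to restore the GDOI IPsec SA index. |
| Failed to cache GDOI SP SA entry when smoothing GDOI flow. | Failed to cache the GDOI security policy SA entry while smoothing the GDOI flow. |
| Failed to rebuild group (name: GroupName) GDOI SP flow. | Failed to rebuild the GDOI security policy flow of the group named GroupName. |
| Failed to allocate GDOI SP SA entry. | Failed to allocate space for the GDOI security policy SA entry. |
| Failed to add GDOI SP SA entry. | Failed to add the GDOI security policy SA entry. |
| Failed to allocate GDOI SP flow. | Failed to allocate space for the GDOI security policy flow. |
| Failed to allocate GDOI SP. | Failed to allocate space for the GDOI security policy. |
| Failed to create GDOI SP SA entry: not enough resources. | Insufficient memory; failed to create the GDOI security policy SA entry. |
| Failed to create GDOI IPsec SA index: not enough resources. | Insufficient memory; failed to create the GDOI IPsec SA index. |
| Failed to create GDOI SP: not enough resources. | Insufficient memory; failed to create the GDOI security policy. |
| Failed to allocate GDOI SP SA entry index. | Failed to allocate an index for the GDOI security policy SA entry. |
| Failed to add IPsec GDOI SA by GDOI SA entry. | Failed to add the IPsec GDOI SA through the GDOI SA entry. |
| Smooth processiong: Failed to add no-context data to SP because resources were short. | Smooth processing: insufficient memory; failed to deliver the cached no-context data to the interface. |
| Smooth processiong: Failed to add no-context IPsec GDOI SA by GDOI SA entry. | Smooth processing: failed to add the no-context GDOI SA recorded under the security policy SA entry. |
| Smooth processiong: Failed to find GDOI SA when adding no-context GDOI SA | Smooth processing: failed to find the GDOI SA while adding the no-context GDOI SA. |
| Smooth processiong: Failed to add IPsec GDOI SA when adding no-context GDOI SA | Smooth processing: failed to add the IPsec GDOI SA while adding the no-context GDOI SA. |
| Smooth processiong: Failed to add IPsec SA index when adding no-context GDOI SA | Smooth processing: failed to add the IPsec SA index while adding the no-context GDOI SA. |
| Failed to add GDOI flow to kernel. | Failed to add the GDOI flow to the kernel. |
| Failed to find entry to add GDOI SP SA. | The entry cannot be found while adding the GDOI security policy SA. |
| Failed to add GDOI update download data to SP: not enough resources. | Insufficient memory; failed to add the GDOI update data to the security policy. |
| Failed to add GDOI download data to SP: not enough resources. | Insufficient memory; failed to add the data delivered by GDOI to the security policy. |
| Failed to update GDOI IPsec SA to kernel. | Failed to update the GDOI IPsec SA in the kernel. |
| Smooth processing: Failed to add GDOI SA entry. | Smooth processing: failed to add the GDOI SA entry. |
| Smooth processing: Failed to add GDOI IPsec SA. | Smooth processing: failed to add the GDOI IPsec SA. |
| Smooth processing: Failed to add GDOI IPsec SA to kernel. | Smooth processing: failed to add the GDOI IPsec SA to the kernel. |
| Smooth processing: Failed to add GDOI SA(SPI: spi). | Smooth processing: failed to add the GDOI SA with SPI spi. |
| Smooth processing: Failed to add GDOI IPsec SA because resources were short. | Smooth processing: insufficient memory; failed to add the GDOI IPsec SA. |
| Smooth processing: Failed to add GDOI IPsec SA because context was invalid. | Smooth processing: the context is invalid; failed to add the GDOI IPsec SA. |
| Failed to allocate GDOI SA entry. | Failed to allocate space for the GDOI SA entry. |
| Failed to find SA entry to create GDOI SA. | Failed to find the SA entry while adding the GDOI SA. |
| Failed to allocate GDOI SA. | Failed to allocate space for the GDOI SA. |
| Failed to find SA entry to create GDOI SA update data. | Failed to find the SA entry while creating the GDOI SA update data. |
| Failed to allocate GDOI SA update data. | Failed to allocate space for the GDOI SA update data. |
| Failed to add GDOI IPsec SA to kernel. | Failed to add the GDOI IPsec SA to the kernel. |
| Failed to add GDOI IPsec SA. | Failed to add the GDOI IPsec SA. |
| Failed to add GDOI IPsec SA: not enough resources. | Insufficient memory; failed to add the GDOI IPsec SA. |
| Restoring GDOI SP SA Entry: Failed to find GDOI SP. | Failed to find the GDOI security policy while restoring the GDOI security policy SA entry. |
| Processing group(name: GroupName) smooth end message: Failed to find GDOI group. | Processing the GDOI group smooth-end message: failed to get the GDOI group. |
| Processing group(name: GroupName) smooth end message: Failed to add download resource to all interfaces. | Processing the GDOI group smooth-end message: failed to deliver the resources to all interfaces. |
| Processing group(name: GroupName) smooth begin message: Failed to find GDOI group. | Processing the GDOI group smooth-begin message: failed to get the GDOI group. |
| Processing group(name: GroupName) smooth TEK message: Failed to find GDOI group. | Processing the GDOI group smooth TEK message: failed to get the GDOI group. |
| Processing group(name: GroupName) smooth TEK message: Failed to add GDOI SA(SPI: spi). | Processing the GDOI group smooth TEK message: failed to add the GDOI SA with SPI spi. |
| Processing group(name: GroupName) smooth flow message: Failed to find GDOI group. | Processing the GDOI group smooth flow message: failed to get the GDOI group. |
| Processing group(name: GroupName) smooth flow message: Failed to add GDOI flow(rule num). | Processing the GDOI group smooth flow message: failed to add the GDOI flow whose ACL rule number is num. |
| Failed to reference GDOI group: not enough resources. | Insufficient memory; failed to reference the GDOI group. |
| IPsec policy SPName family (SPFamily ) and GDOI GM group GroupName family (GroupFamily) not match. | The IPsec protocol family version of policy SPName is SPFamily, which does not match the protocol family GroupFamily of the GDOI GM group named GroupName. |
| Processing group(name: GroupName) delete-all message: Failed to find GDOI group. | Processing the GDOI group delete-all-data message: failed to get the GDOI group. |
| Processing group(name: GroupName) batch-update-TEK message: Failed to find GDOI group. | Processing the GDOI group batch-update-TEK message: failed to get the GDOI group. |
| Processing group(name: GroupName) batch-update-TEK message: Failed to find GDOI SA(SPI: spi). | Processing the GDOI group batch-update-TEK message: failed to get the GDOI SA with SPI spi. |
| Processing group(name: GroupName) batch-sync-flow message: Failed to find GDOI group. | Processing the GDOI group batch-sync-flow message: failed to get the GDOI group. |
| Processing group(name: GroupName) batch-sync-flow message: Failed to synchronize GDOI flow | Processing the GDOI group batch-sync-flow message: failed to synchronize the GDOI flow. |
| Processing group(name: GroupName) batch-set-outbound-TEK message: Failed to find GDOI group. | Processing the GDOI group batch-set-outbound-TEK message: failed to get the GDOI group. |
| Processing group(name: GroupName) batch-set-outbound-TEK message: Failed to set outbound SA(SPI: spi). | Processing the GDOI group batch-set-outbound-TEK message: failed to set the outbound SA with SPI spi. |
| Processing group(name: GroupName) batch-update end message: Stop processing: not enough resources. | Processing the GDOI group batch-update end message: insufficient memory; processing was interrupted. |
| Processing group(name: GroupName) batch-update end message: Failed to find GDOI group. | Processing the GDOI group batch-update end message: failed to find the GDOI group. |
| Processing group(name: GroupName) batch-update end message: Failed to add download resource to all interfaces. | Processing the GDOI group batch-update end message: failed to add the delivered data to all interfaces. |
| Processing group(name: GroupName) batch-delete-TEK-SPI message: Failed to find GDOI group. | Processing the GDOI group batch-delete-TEK-SPI message: failed to find the GDOI group. |
| Processing group(name: GroupName) batch-delete-TEK-flow message: Failed to find GDOI group. | Processing the GDOI group batch-delete-TEK-flow message: failed to find the GDOI group. |
| Processing group(name: GroupName) batch-delete-TEK-flow message: Failed to cache GDOI flow(rule rule). | Processing the GDOI group batch-delete-TEK-flow message: failed to cache the GDOI flow numbered rule. |
| Processing group(name: GroupName) batch-update begin message: Stop processing: not enough resources. | Processing the GDOI group batch-update begin message: insufficient memory; processing was interrupted. |
| Processing group(name: GroupName) batch-update begin message: Failed to find GDOI group. | Processing the GDOI group batch-update begin message: failed to find the GDOI group. |
| Processing group(name: GroupName) batch-add-TEK message: Processing stopped because resources were short | Processing the GDOI group batch-add-TEK message: insufficient memory; processing was interrupted. |
| Processing group(name: GroupName) batch-add-TEK message: Failed to find GDOI group. | Processing the GDOI group batch-add-TEK message: failed to find the GDOI group. |
| Processing group(name: GroupName) batch-add-TEK message: Failed to Cached GDOI SA(SPI: spi). | Processing the GDOI group batch-add-TEK message: failed to cache the GDOI SA with SPI spi. |
| Processing group(name: GroupName) batch-add-flow message: Stop processing: not enough resources. | Processing the GDOI group batch-add-flow message: insufficient memory; processing was interrupted. |
| Processing group(name: GroupName) batch-add-flow message: Failed to find GDOI group. | Processing the GDOI group batch-add-flow message: failed to get the GDOI group. |
| Processing group(name: GroupName) batch-add-flow message: Failed to add GDOI flow(rule rule). | Processing the GDOI group batch-add-flow message: failed to add the GDOI flow numbered rule. |
| Smooth processing: Failed to find IPsec SP when adding GDOI group(name: GroupName) smooth data to SP. | Smooth processing: failed to find the IPsec security policy while adding the GDOI group data to the interface. |
| Smooth processing: Failed to find GDOI SP when adding GDOI group(name: GroupName) smooth data to SP. | Smooth processing: failed to find the GDOI security policy while adding the GDOI group data to the interface. |
| Smooth processing:Failed to add smooth data to SP when adding GDOI group(name: GroupName) smooth data to SP. | Smooth processing: failed to add the smooth data while adding the GDOI group data to the interface. |
| Failed to find GDOI group (name: GroupName) when recovering GDOI SP. | Failed to find the GDOI group named GroupName while restoring the GDOI security policy. |
| Failed to recover GDOI SP(index: index). | Failed to restore the GDOI security policy with index index. |
| Failed to add SA to IF: not enough resources. | Insufficient memory; failed to add the SA to the interface. |
| Failed to find SA entry when adding GDOI SA to SP. | Failed to find the SA entry while adding the GDOI SA to the security policy. |
| Failed to find IPsec SP when adding GDOI SA to SP. | Failed to find the IPsec security policy while adding the GDOI SA to the security policy. |
| Failed to find GDOI SP when adding GDOI SA to SP. | Failed to find the GDOI security policy while adding the GDOI SA to the security policy. |
| Failed to add IPsec SA when adding GDOI SA to SP. | Failed to add the IPsec SA while adding the GDOI SA to the security policy. |
| Failed to Set outbound IPsec SA (index: index) to kernel. | Failed to deliver the outbound IPsec SA with index index to the kernel. |
| Failed to find GDOI SP when adding SA. | Failed to find the GDOI security policy while adding the SA. |
| Failed to find group GroupName when adding SA. | Failed to find the group named GroupName while adding the SA. |
| Failed to add download resource to GDOI SP. | Failed to add the delivered data to the GDOI security policy. |
| Failed to cache GDOI flow(rule num) to be deleted. | Failed to cache the GDOI flow to be deleted whose ACL rule number is num. |
| Failed to cache GDOI SA (SPI: spi). | Failed to cache the GDOI SA with SPI spi. |
| Failed to create SP index: not enough resources. | Insufficient memory; failed to create the security policy index. |
| Failed to allocate GDOI group index. | Failed to allocate space for the GDOI group index. |
| Failed to allocate GDOI group: not enough resources. | Insufficient memory; failed to allocate space for the GDOI group. |
| Failed to allocate GDOI group. | Failed to allocate space for the GDOI group. |
| Smooth processing: Failed to find IPsec SP when adding no-context data of GDOI group group-name to SP. | Smooth processing: failed to find the IPsec security policy while adding the no-context data of the GDOI group to the security policy. |
| Smooth processing:Failed to find GDOI SP when adding no-context data of GDOI group group-name  to SP. | Smooth processing: failed to find the GDOI security policy while adding the no-context data of the GDOI group to the security policy. |
| Smooth processing:Failed to add smooth data to SP when adding no-context data of GDOI group group-name to SP. | Smooth processing: failed to add the smooth data to the security policy while adding the no-context data of the GDOI group to the security policy. |
| Smooth processing: Failed to find IPsec SP when adding GDOI group(name: GroupName) update data to SP. | Smooth processing: failed to find the IPsec security policy while adding the GDOI group update data to the security policy. |
| Smooth processing: Failed to find GDOI SP when adding GDOI group(name: GroupName) update data to SP. | Smooth processing: failed to find the GDOI security policy while adding the GDOI group update data to the security policy. |
| Smooth processing: Failed to add update data to SP when adding GDOI group(name: GroupName) update data to SP. | Smooth processing: failed to add the update data to the security policy while adding the GDOI group update data to the security policy. |
| Smooth processing: Failed to add smooth data when adding GDOI group(name: GroupName) download data to SP. | Smooth processing: failed to add the smooth data while adding the data delivered for the GDOI group to the security policy. |
| Smooth processing: Failed to create GDOI flow. | Smooth processing: failed to create the GDOI flow. |
| Smooth processing: Failed to add GDOI flow. | Smooth processing: failed to add the GDOI flow. |
| Failed to create GDOI flow. | Failed to create the GDOI flow. |
| Failed to allocate flow: not enough resources. | Insufficient memory; failed to allocate space for the flow. |
| Processing check group(name: GroupName) reference message: No interface referenced this group. | While processing the check-group-reference message for the group named GroupName, no interface references this group. |
| Processing check group(name: GroupName)  reference message: Failed to send message. | While processing the check-group-reference message for the group named GroupName, sending the message failed. |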

表1-2 debugging ipsec event命令输出信息描述表

字段

描述

The IPsec IF-CB(ifIndex = ifindex) will be deleted in kernel.

内核中的IPsec的接口控制快(接口序号为ifindex)将要被删除掉

Can't find block-flow-table.

找不到阻流表

Can't find an IPsec tunnel to match the flow.

找不到匹配流的IPsec隧道

IPsec daemon successfully connected.

成功连接到IPsec用户态守护进程

IPsec daemon disconnected.

与用户态守护进程失去连接

Sent SA-Acquire message: SP ID = ID.

发送SA协商请求,对应SP的ID为ID

Sent SA-Expire message: SP ID = SPID, tunnel ID = TNLID.

发送SA重协商请求,对应SP的ID为SPIDTunnel ID为TNLID

Sent Invalid-SPI message: SPI = spi.

发送Invalid-SPI消息, SPI值为spi

Sent DPD-Request message: DPD ID = DPDID

发送DPD探测请求消息, DPD ID为DPDID

Updated outbound SA of IPsec tunnel: SA ID = saindex.

更新IPsec隧道出方向的SA,SA序号为saindex

Received an interface event message for interface interface-type interface-num, event: event.

收到响应接口事件消息,接口名称为interface-type interface-num,接口事件为event

Received interface network layer event message.

收到响应接口网络层事件消息

Received an event message for slot slot-id, event: event.

收到响应接口板事件消息,板号为slot-number,消息类型为event

Received an ACL message for ACL acl-number, event: event.

收到ACL消息,ACL编号为acl-number,消息类型为event

Received an address message for interface interface-type interface-num, event: event.

收到地址消息,接口名称为interface-type interface-num,消息类型为event

Sent notify message to kernel: slot slot-id, event: event.

发送notify消息给内核,板号为slot-number,消息类型为event

Sent msg to kernel.

向内核发送消息msg,msg是消息类型,包括以下几种:

·     add SP entry:添加SP entry

·     update SP entry:更新SP entry

·     delete SP entry:删除SP entry

·     add source-if SP entry:添加源接口SP entry

·     delete source-if SP entry:删除源接口SP entry

·     add SP:添加SP

·     update SP:更新SP

·     delete SP:删除SP

·     add profile SP:添加profile SP

·     delete profile SP:删除profile SP

·     update profile SP:更新profile SP

Added SA to kernel successfully .

向内核添加SA成功

SA successfully added in kernel.

内核添加SA成功

SA successfully deleted in kernel.

删除内核中的SA成功

Added outbound SA to IPsec tunnel(SA ID = sa-index)

向IPsec隧道添加出方向SA(SA索引为sa-index)

Added tunnel to kernel successfully.

向内核添加IPsec隧道成功

IPsec tunnel successfully added in kernel.

内核添加IPsec隧道成功

IPsec tunnel successfully deleted in kernel.

删除内核中的IPsec隧道成功

IPsec tunnel successfully added to list.

向链表添加IPsec隧道成功

IPsec tunnel added to aggregation-hash

向聚合哈希表中添加IPsec隧道成功

Added SP entry.

添加SP entry

Added SP by policy.

根据策略添加SP

SP entry successfully added in kernel.

内核成功添加SP entry

SP successfully added in kernel.

内核成功添加SP

Added policy SA by manual SP, SP index: index, SP sequence number: sp-seq.

成功根据手工SP添加策略SA,SP索引为sp-index,SP序号为sp-seq

Successfully added an IPsec tunnel during ISSU update process.

在ISSU升级时成功添加IPsec隧道

Added an IPsec tunnel when adding manual SA: tunnel index = tunnel-id, tunnel sequence number = tunnel_seq.

添加手工SA过程中成功添加IPsec隧道。IPsec隧道索引是tunnel-id,IPsec隧道序号是tunnel_seq

Added manual SAs. Number of SAs added is number.

成功添加手工SA。添加的SA的个数number

No. ordinal-number SA: index = sa-id, sequence number = sa-seq.

ordinal-number个SA的索引是sa-id,SA的序列号是sa-seq

Added SA context to SP.

成功向SP中添加SA内容

Added an IPsec tunnel when adding ISAKMP SA: tunnel index = tunnel-id, tunnel sequence number = tunnel_seq.

添加ISAKMP方式SA过程中成功添加IPsec隧道。IPsec隧道索引是tunnel-id,IPsec隧道序号是tunnel_seq

Added ISAKMP SAs. Number of SAs added is number. No. ordinal-number SA: index = sa-id, sequence number = sa-seq.

成功添加ISAKMP方式SA。添加的SA的个数number,第ordinal-number个的SA索引是sa-id,SA序号是sa-seq

Added SA context to IKE.

向IKE发送SA内容

Timer successfully added when adding ISAKMP SA.

添加ISAKMP方式SA时添加定时器成功

Started to smoothly process SA with IKE.

开始和IKE进行平滑SA

Finished smooth processing SA with IKE.

结束和IKE平滑SA

Started to smoothly process IPsec tunnel with IKE.

开始和IKE进行平滑IPsec隧道

Finished smooth processing IPsec tunnel with IKE.

结束和IKE平滑IPsec隧道

Started to smoothly process DPD with IKE.

开始和IKE进行平滑DPD

Finished smooth processing DPD with IKE.

结束和IKE平滑DPD

Sent msg message to slot:slot-id, message type is type-id.

slot-id号接口板发送msg消息,消息ID是type-id

消息类型和其对应的类型ID如下:

·     debug:调试,类型ID为3

·     anti-replay check:抗重放检查,类型ID为4

·     decryption check:解封装后检查,类型ID为5

·     log switch:log开关,类型ID为6

·     idle:空闲,类型ID为7

·     global df-bit:全局df-bit设置,类型ID为8

·     df-bit:接口df-bit设置,类型ID为9

·     all global configuration:所有全局配置,类型ID为10

·     add SP entry:添加SP entry,类型ID为11

·     update SP entry:更新SP entry,类型ID为12

·     delete SP entry:删除SP entry/类型ID为13

·     add SP:添加SP/类型ID为14

·     update SP:更新SP/类型ID为15

·     delete SP:删除SP/类型ID为16

·     add profile SP:添加profile SP,类型ID为17

·     update profile SP:更新profile SP,类型ID为18

·     delete profile SP:删除profile SP,类型ID为19

·     add tunnel:添加tunnel,类型ID为20

·     delete tunnel:删除tunnel,类型ID为21

·     add SA:添加SA,类型ID为22

·     delete SA:删除SA,类型ID为23

·     update MTU:更新MTU,类型ID为24

·     switch SA:切换SA,类型ID为25

·     delete block-flow table:删除阻流表/类型ID为26

·     add DPD:添加DPD/类型ID为27

·     update DPD:更新DPD,类型ID为28

·     delete DPD:删除DPD,类型ID为29

·     update DPD index of SA:更新SA的DPD索引,类型ID为30

·     reset statistics:重置统计计数,类型ID为31

·     idle report:idle报告,类型ID为32

·     smooth start:平滑开始,类型ID为32

·     smooth end:平滑结束,类型ID为34

Adding route: Dest/Mask: ip-address/mask-length, Next hop: ip-address , Source vpn instance: vpn-name, Destination vpn instance: vpn-name, Tag: tag-value, Preference: preference-num

新建IPsec隧道时,即将添加一条静态路由信息

·     Dest/Mask:目的IP地址/掩码长度

·     Next hop:下一跳IP地址

·     Source vpn instance:路由目的地址所属的VPN

·     Destination vpn instance:路由下一跳地址所属的VPN

·     Tag:路由标记

·     Preference:路由优先级

Deleting route: Dest/Mask: ip-address/mask-length, Next hop: ip-address, Source vpn instance: vpn-name, Destination vpn instance: vpn-name, Tag: tag-value, Preference: preference-num

删除IPsec隧道时,即将删除一条静态路由信息

Successfully added a static route.

新建IPsec隧道时,路由模块添加静态路由成功

Only increased the reference count of the static route but didn't add it.

新建IPsec隧道时,发现已经向路由模块添加过相同的静态路由,则不再通知路由模块添加此路由仅增加该路由的引用计数

Successfully deleted a static route.

删除IPsec隧道时,路由模块删除静态路由成功

Only reduced the reference count of the static route but didn't delete it.

删除IPsec隧道时,发现两个以上IPsec隧道对应同一条静态路由,则不通知路由模块删除该静态路由仅减少该路由的引用计数

Started to smoothly process the IPv4 static routes.

开始对IPv4静态路由进行平滑处理

Started to smoothly process the IPv6 static routes.

开始对IPv6静态路由进行平滑处理

Finished smooth processing of the IPv4 static routes.

结束对IPv4静态路由的平滑处理

Finished smooth processing of the IPv6 static routes.

结束对IPv6静态路由的平滑处理

Successfully subscribed service events.

成功订阅所有的服务事件

Received a service event: the status of IPv4 route service is up.

接收到一个IPv4路由服务up事件

Received a service event: the status of IPv4route service is down.

接收到一个IPv4路由服务down事件

Received a service event: the status of IPv6 route service is up.

接收到一个IPv6路由服务up事件

Received a service event: the status of IPv6 route service is down.

接收到一个IPv6路由服务down事件

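Deleted GDOI SA with SPI spi successfully.

The GDOI SA whose SPI is spi was deleted successfully

GDOI SA(SPI: %u) already existed.

The GDOI SA whose SPI is spi already exists

Added GDOI IPsec SA (SPI=spi, index=index, sequence number=seq-num) successfully.

A GDOI IPsec SA was added successfully (SPI is spi, index is index, sequence number is seq-num)

Created GDOI SA entry successfully.

A GDOI SA entry was created successfully

Created GDOI SP SA entry successfully.

A GDOI SP SA entry was created successfully

Added GDOI flow to kernel successfully.

GDOI flow information was added to the kernel successfully

Deleted GDOI SP flow successfully.

GDOI SP flow information was deleted successfully

Deleted GDOI SP SA entry successfully.

A GDOI SP SA entry was deleted successfully

Found GDOI SA: SPI=spi, SrcPort=src-port, DstPort=dst-port.

A GDOI IPsec SA was found (SPI is spi, source port is src-port, destination port is dst-port)

GDOI flow has been updated.

The GDOI flow was updated

Added outbound SA(index: index) to GDOI flow successfully.

The outbound SA (index is index) was added to the GDOI flow successfully

Deleted outbound SA(index: index) from GDOI flow.

The SA with index index that protects the GDOI flow was deleted

Added flow to HIPAC successfully.

The GDOI flow was added to the flow table successfully

Deleted GDOI flow successfully in kernel.

The GDOI flow was deleted in the kernel successfully

Added GDOI IPsec SA successfully in kernel.

The GDOI IPsec SA was added in the kernel successfully

Added GDOI flow successfully in kernel.

The GDOI flow was added in the kernel successfully

Failed to find IPsec SA with index index when deleting SA in kernel.

Looking up the IPsec SA by IPsec SA index index failed while the SA was being deleted in the kernel

Deleted GDOI SA successfully in kernel.

The GDOI SA was deleted in the kernel successfully

Switched GDOI SA(index: index) successfully in kernel.

The GDOI SA (index is index) was switched in the kernel successfully

Added GDOI IPsec SA to kernel successfully.

The GDOI IPsec SA was added to the kernel successfully

Set GDOI outbound IPsec SA(index: index) to kernel successfully.

The outbound GDOI IPsec SA with index index was set to the kernel successfully

Created GDOI SP SA entry successfully.

A GDOI SP SA entry was created successfully

GDOI IPv6 flow has been updated.

The GDOI IPv6 flow was updated successfully

Deleted GDOI IPsec SA successfully in kernel.

The GDOI IPsec SA was deleted in the kernel successfully

Switched GDOI IPsec SA(index: index) successfully in kernel.

The GDOI IPsec SA with index index was switched in the kernel successfully

IPsec tunnel has been updated.

The IPsec tunnel was updated successfully

Created GDOI flow successfully.

A GDOI flow was created successfully

Smooth processing: Added GDOI flow successfully.

Smooth processing: a GDOI flow was added successfully

Deleted GDOI group(name: GroupName) successfully.

The GDOI group named GroupName was deleted successfully

Restored GDOI group(name: GroupName) successfully.

The GDOI group named GroupName was restored successfully

Restored GDOI SP(index: index) successfully.

The GDOI security policy with index index was restored successfully

Cached GDOI SA(SPI: spi) successfully.

The GDOI security policy with index index was restored successfully

Started to smoothly process GDOI group with IKE.

Smoothing of GDOI group data with the IKE module started

Checked GDOI group after smooth with IKE.

The GDOI group was checked after smoothing with the IKE module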

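Processing group(name: GroupName) batch-add-flow message: Added GDOI flow(rule num) successfully

Processing the GDOI group's batch-add-flow message: the GDOI flow whose ACL rule number is num was added successfully

Processing group(name: GroupName) batch-add-flow message: GDOI flow(rule num) already exist.

Processing the GDOI group's batch-add-flow message: the GDOI flow whose ACL rule number is num already exists

Processing group(name: GroupName) batch-sync-flow message:Synchronize GDOI flow successfully.

Processing the GDOI group's batch-sync-flow message: the GDOI flow was synchronized successfully

Processing group(name: GroupName) batch-delete-TEK-flow message: Cached GDOI flow(rule num) successfully.

Processing the GDOI group's batch-delete-TEK-flow message: the GDOI flow whose ACL rule number is num was cached successfully

Processing group(name: GroupName) add-TEK message: Cached GDOI SA(SPI: spi) successfully.

Processing the GDOI group's add-TEK message: the GDOI SA whose SPI is spi was cached successfully

Processing group(name: GroupName) add-TEK message: GDOI SA(SPI: spi) already exist.

Processing the GDOI group's add-TEK message: the GDOI SA whose SPI is spi already exists

Processing group(name: GroupName) delete-all message: Deleted all GDOI flow and SA successfully.

Processing the GDOI group's delete-all message: all GDOI flows and SAs were deleted successfully

Processing group(name: GroupName) smooth-flow message: Added GDOI flow(rule num) successfully.

Processing the GDOI group's smooth-flow message: the GDOI flow whose ACL rule number is num was added successfully

Processing group(name: GroupName) smooth-flow message: GDOI flow(rule num) already exist.

Processing the GDOI group's smooth-flow message: the GDOI flow whose ACL rule number is num already exists

Processing group(name: GroupName) smooth-TEK message: Added GDOI SA(SPI: spi) successfully.

Processing the GDOI group's smooth-TEK message: the GDOI SA whose SPI is spi was added successfully

Processing group(name: GroupName) smooth-TEK message: GDOI SA(SPI: spi) already exist.

Processing the GDOI group's smooth-TEK message: the GDOI SA whose SPI is spi already exists

Updated GDOI IPsec SA to kernel successfully.

The GDOI IPsec SA was updated to the kernel successfully

Smooth processing: Added GDOI IPsec SA (SPI=spi, index=index, sequence number=seq-num) successfully.

Smooth processing: a GDOI IPsec SA was added successfully (SPI is spi, index is index, sequence number is seq-num)

Started to smoothly process GDOI SA with IKE.

Smoothing of GDOI SAs with the IKE module started

Finished smooth processing GDOI SA with IKE.

Smoothing of GDOI SAs with the IKE module finished

Smooth processing: Added GDOI SA entry successfully.

Smooth processing: a GDOI SA entry was created successfully

Restored GDOI SP SA entry successfully.

GDOI security policy SA data was restored successfully

Rebuilt group(name: GroupName) GDOI SP flow successfully.

The GDOI security policy flow of the group named GroupName was rebuilt successfully

Set GDOI outbound IPsec SA(index: index) to kernel successfully.

The outbound GDOI IPsec SA with index index was delivered to the kernel successfully

Smooth processing: Created GDOI SP SA entry successfully.

Smooth processing: a GDOI security policy SA entry was added successfully

Smooth processing: Added no context smooth GDOI SP SA entry successfully.

Smooth processing: a GDOI security policy SA without context was added successfully

Started to smoothly process GDOI SP flow with IKE.

Smoothing of GDOI security policy flows with the IKE module started

Finished smooth processing GDOI SP flow with IKE.

Smoothing of GDOI security policy flows with the IKE module finished

Started to smoothly process GDOI IPsec SA with IKE.

Smoothing of GDOI IPsec SAs with the IKE module started

Finished smooth processing GDOI IPsec SA with IKE.

Smoothing of GDOI IPsec SAs with the IKE module finished

Added synchronization GDOI flow to kernel successfully.

Synchronized GDOI flow information was delivered to the kernel successfully

Deleted synchronization GDOI SP SA entry successfully.

A synchronized GDOI security policy SA entry was deleted successfully

Created synchronization GDOI SP SA entry successfully.

A synchronized GDOI security policy SA entry was created successfully

Added sync GDOI flow successfully.

A synchronized GDOI flow was added successfully

Deleted sync GDOI flow successfully..

A synchronized GDOI flow was deleted successfully

Added sync SA successfully.

A synchronized SA was added successfully

Processing GDOI synchronization message of switching SA(index: index): Switched SA successfully.

Processing the GDOI synchronization message for switching the SA with index index: the SA was switched successfully

Deleted sync SA (SPI: spi) successfully.

The synchronized SA whose SPI is spi was deleted successfully

Processing check group(name: GroupName) reference message successfully.

While processing the group reference check for the group named GroupName, the message was sent successfully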

 

Table 1-3 Output description for the debugging ipsec packet command

Field

Description

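Packet will be sent to CCF for sync-encryption.

The packet will be sent to CCF for synchronous encryption

Packet will be sent to CCF for sync-decryption

The packet will be sent to CCF for synchronous decryption

Packet will be sent to CCF for asyn-encryption.

The packet will be sent to CCF for asynchronous encryption

Packet will be sent to CCF for asyn-decryption.

The packet will be sent to CCF for asynchronous decryption

Found SA with SPI spi.

The SA whose SPI is spi was found

Packet matches SP spid.

The packet matches an SP; the SP ID is spid

Packet has been encrypted by SA whose SPI is spi.

The packet was encrypted by the SA whose SPI is spi

Packet has been decrypted by SA whose SPI is spi.

The packet was decrypted by the SA whose SPI is spi

ESP auth algorithm: auth, ESP encp algorithm: encp.

ESP uses authentication algorithm auth and encryption algorithm encp

AH auth algorithm: auth

AH uses authentication algorithm auth

Src : src Dst : dst SPI : spi

The packet's source address is src, its destination address is dst, and its SPI is spi

Received IPsec(AH) packet

An AH packet was received in the inbound direction

Received IPsec(ESP) packet

An ESP packet was received in the inbound direction

Received IPSec packet from fast forwarding

An IPsec packet was received in the inbound fast forwarding direction

Sent routing protocol packet by IPsec

A routing protocol packet was sent through IPsec

Sent IPsec packet

The packet was sent through IPsec

Sent packet by IPsec fast forwarding

The packet was sent through IPsec fast forwarding

Added IP fast forwarding entry.

A fast forwarding entry was added

Added IPv6 fast forwarding entry.

An IPv6 fast forwarding entry was added

Failed to find SA by SP.

No SA could be found for the SP

The packet is too big, mtu = mtu, packet len = len.

The packet is too big; the MTU is mtu and the packet length is len

The reason of dropping packet is reason.

The packet was dropped for the reason reason, which is one of the following:

·     Packet too long: the packet is too long

·     Invalid SPI: the SPI is invalid

·     No available SA: no SA was found

·     No available IPsec tunnel: no IPsec tunnel was found

·     Encryption failed: encryption failed

·     Decryption failed: decryption failed

·     Loop too many times: the packet looped on the local device too many times

·     ACL check failed: the ACL check failed

·     Address does not match with SA: the packet's address does not match the address in the SA

·     Anti-replay sequence number reached the max: the anti-replay sequence number reached its maximum value

·     The encapsulation mode does not match: the encapsulation mode does not match

·     Receive a ESP dummy packet: an ESP keepalive packet was received

·     Memory alloc failed: memory allocation failed

·     Packet length wrong: the packet length is wrong

·     Replayed packet: the packet is a replayed packet

·     Authentication failed: authentication failed

·     Security protocol set of SA does not match: the SA's security protocol combination does not match the peer's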

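Inbound IPsec AH processing: Authentication succeeded.

Inbound IPsec AH processing: authentication succeeded

Outbound IPsec AH processing: Authentication finished, anti-replay SN is sn .

Outbound IPsec AH processing: authentication finished; the anti-replay sequence number is sn

Inbound IPsec ESP processing: Decryption succeeded.

Inbound IPsec ESP processing: decryption succeeded

Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is sn.

Outbound IPsec ESP processing: encryption succeeded; the anti-replay sequence number is sn

Outbound IPsec processing: Sent packet back to IP forwarding.

Outbound IPsec processing: the packet was sent back to IP forwarding

Inbound IPsec processing: Sent packet back to IP forwarding.

Inbound IPsec processing: the packet was sent back to IP forwarding

Outbound IPsec processing: Sent packet back to IP forwarding for following process.

Outbound IPsec processing: the packet was returned to forwarding so that the subsequent services can be processed

IPsec processing: Tunnel mode

Tunnel mode is used

IPsec processing: Transport mode

Transport mode is used

Started outbound processing after CCF processing.

Outbound processing started after CCF processing

Started inbound processing after CCF processing.

Inbound processing started after CCF processing

Restored the original IP header during AH processing

The original IP header was restored during AH processing

Updated IV during ESP processing.

The IV was updated during ESP processing

Started outbound fast forwarding after CCF processing.

Outbound fast forwarding started after CCF processing

Started inbound fast forwarding after CCF processing.

Inbound fast forwarding started after CCF processing

Failed to find SA by SP.

Looking up the SA by SP failed

Outbound IPsec processing: Packet encapsulated successfully.

Outbound IPsec processing: the packet was encapsulated successfully

IPsec output processing for relay packet: flag=flag, data length=length

Outbound IPsec processing of a packet relayed between cards: the packet flag is flag and the data length is length

Received a UDP fragment: src port=src-port, dst port=dst-port.

A UDP fragment was received (source port is src-port, destination port is dst-port)

Inbound IPsec GDOI processing: Sent packet back to IP forwarding.

Inbound IPsec GDOI processing: the packet was sent back to IP forwarding

Received IPsec(ESP) packet: packet length=length

An ESP-encapsulated IPsec packet was received; the packet length is length

Failed to find SA by SA index.

Looking up the SA by SA index failed

Packet oversize: MTU=mtu, packet length=length.

The packet is too big; the MTU is mtu and the packet length is length

Sent packet by GDOI fast forwarding

The packet was sent according to the GDOI fast forwarding table

Outbound GDOI ESP forwarding processing: Encryption succeeded.

Outbound GDOI ESP packet forwarding processing: encapsulation succeeded

--- Sent GDOI packet ---

A GDOI packet was sent

--- Sent IPv6 GDOI packet by IPsec fast forwarding ---

An IPv6 GDOI packet was sent through IPsec fast forwarding

--- Sent IPsec packet ---

An IPsec packet was sent

--- Sent IPv6 packet by IPsec fast forwarding ---

An IPv6 packet was sent through IPsec fast forwarding

Failed to prepare IPv6 packet

Preparing the IPv6 packet failed

MBUF relay sent to node LipNode.

The message was relayed to the card numbered LipNode

FS MBUF relay sent to node LipNode.

The fast forwarding message was relayed to the card numbered LipNode

Adding svti tunnel fast-forwarding cache.

An SVTI tunnel fast forwarding cache is being added

Adding advpn/gre tunnel fast-forwarding cache.

An ADVPN/GRE tunnel fast forwarding cache is being added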

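Failed to get SP: IPsec smooth not end.

Getting the SP failed: IPsec smoothing has not finished

Failed to get SP: IPsec process not running.

Getting the SP failed: the IPsec process is not running

Failed to find SP by index and sequence number.

Looking up the SP by index and SeqNum failed

Failed to get SP: Creating SA timed out.

Creating the SA timed out while the SP was being obtained

Failed to get SP by interface: Target node not online.

While the SP was being obtained through an ordinary interface, the target interface card was not online

Failed to get interface when getting SP by mGRE.

While the SP was being obtained in mGRE mode, getting the interface failed

Failed to get SP by mGRE: Invalid interface type.

Getting the SP in mGRE mode failed: the interface type is invalid

Failed to get SP by mGRE: No tunnel protection configuration.

Getting the SP in mGRE mode failed: the related configuration is missing

Failed to get SP by mGRE: profile profile not found.

Getting the SP in mGRE mode failed: profile profile was not found

Failed to get SP by mGRE: wrong profile type.

Getting the SP in mGRE mode failed: the profile type is wrong

Failed to find profile SP by profile profile when getting SP by mgre.

While the SP was being obtained in mGRE mode, looking up the SP by profile profile failed

Failed to get SP by mGRE: SP type not ISAKMP.

Getting the SP in mGRE mode failed: the SP is not in IKE mode

Failed to get SP by mGRE.

Getting the SP in mGRE mode failed

Failed to get SP by SVTI: invalid interface type.

Getting the SP in SVTI mode failed: the interface type is invalid

Failed to get SP by SVTI: no tunnel protection configuration.

Getting the SP in SVTI mode failed: the related configuration is missing

Failed to get SP by SVTI: profile profile not found.

Getting the SP in SVTI mode failed: profile profile was not found

Failed to get SP by SVTI: wrong type of profile profile.

Getting the SP in SVTI mode failed: the type of profile profile is wrong

Failed to find profile SP by profile profile when getting SP by svti.

While the SP was being obtained in SVTI mode, looking up the SP by profile profile failed

Failed to get SP by SVTI: SP type not ISAKMP.

Getting the SP in SVTI mode failed: the SP is not in IKE mode

Failed to match SVTI flow: IKE profile not match.

Matching the SVTI flow failed: the IKE profile does not match

Failed to match SVTI flow: flow not match with ACL.

Matching the SVTI flow failed: ACL matching failed

Failed to get interface data when getting SP by L3 interface.

While the SP was being obtained through a Layer 3 interface, getting the interface data failed

Failed to get SP by L3 interface: no SP entry found by key.

Getting the SP through a Layer 3 interface failed: no SP entry was found by the SP entry key

Failed to get SP by L3 interface: no source interface SP entry found by key.

Getting the SP through a Layer 3 interface failed: no SP entry was found by the SP entry key of the shared source interface

Failed to match SP when getting SP by L3 interface: SP's mode not ISAKMP.

While the SP was being obtained through a Layer 3 interface, SP matching failed: the SP is not in IKE mode

Failed to match SP when getting SP by L3 interface: SP negotiation not complete.

While the SP was being obtained through a Layer 3 interface, SP matching failed: SP negotiation is not complete

Rejected peer's request of any flow: SP's mode was ISAKMP template and no ACL was specified.

The SP is in IKE template mode and no ACL is configured, so an any-flow request does not trigger negotiation

Failed to match SP when getting SP by L3 interface: Could not find policy by SP.

While the SP was being obtained through a Layer 3 interface, SP matching failed: no policy could be found by the SP

Failed to match profile: IKE profile was profile1 while IPsec used profile profile2.

Matching the profile failed: the IKE profile is profile1 while IPsec uses profile profile2

Failed to match flow: ACL not match.

Matching the flow failed: the ACL does not match

Failed to match flow: renegotiation SP's index or sequence number changed.

Matching the flow failed: the index or sequence number of the renegotiated SP changed

SP SP-ID is not complete.

SP SP-ID is incomplete

Failed to get SP (SP ID=SP-ID): Local address not match (SP's address=address1, phase 2 policy's address=address2).

While SP SP-ID was being obtained, the local address did not match: the SP carries address address1 and the phase 2 policy address is address2

Failed to get SP (SP ID=SP-ID): Remote address not exist (hostname=hostname).

While the SP was being obtained, the remote address did not exist

Failed to get SP (SP ID=SP-ID): Remote address not match (SP's address=address1, phase 2 policy's address=address2).

While the SP was being obtained, the remote address did not match

Failed to match SP when getting SP by L3 interface: no transform-set in SP.

While the SP was being obtained through a Layer 3 interface, SP matching failed: the SP has no transform-set

Failed to create larval SA when getting SP by L3 interface.

While the SP was being obtained through a Layer 3 interface, creating the larval SA failed

Failed to get SP matching ACL.

Getting an SP that matches the ACL failed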

 

【Examples】

# The device already holds the maximum number of SPs. Configure a manual IPsec policy named mypolicy and enable IPsec error debugging. When policy mypolicy is applied to interface GigabitEthernet3/1/1, the following IPsec error debugging information is output.

<Sysname> debugging ipsec error

<Sysname> system-view

[Sysname] interface gigabitethernet 3/1/1

[Sysname-GigabitEthernet3/1/1] ipsec policy mypolicy

*Jul 14 16:45:16:157 2012 Sysname IPSEC/7/ERROR: -MDC=1;

Failed to alloc SP index.

// Allocating an SP index failed

# Configure a manual IPsec policy named mypolicy on the device and enable IPsec event debugging. When policy mypolicy is applied to interface GigabitEthernet3/1/1, an SP and SAs are generated and the following IPsec event debugging information is output.

<Sysname> debugging ipsec event

*Jul 18 15:28:55:020 2012 Sysname IPSEC/7/event:

SP entry successfully added in kernel.

// The kernel added the SP entry successfully

*Jul 18 15:28:55:020 2012 Sysname IPSEC/7/ERROR:

Sent add SP entry message to kernel.

// A message to add the SP entry was sent to the kernel

*Jul 18 15:28:55:020 2012 Sysname IPSEC/7/ERROR:

Added SP entry.

// The SP entry was added

*Jul 18 15:28:55:022 2012 Sysname IPSEC/7/event:

SP successfully added in kernel.

// The kernel added the SP successfully

*Jul 18 15:28:55:022 2012 Sysname IPSEC/7/ERROR:

Sent add SP message to kernel.

// A message to add the SP was sent to the kernel

*Jul 18 15:28:55:023 2012 Sysname IPSEC/7/ERROR:

Added SP by policy.

// The SP was added according to the policy

*Jul 18 15:28:55:024 2012 Sysname IPSEC/7/ERROR:

Added policy SA by manual SP, SP index is 0, SP sequence number is 2.

// The policy SA was added according to the manual SP; the SP index is 0 and the SP sequence number is 2

*Jul 18 15:28:55:026 2012 Sysname IPSEC/7/event:

IPsec tunnel added to aggregation-hash.

// The IPsec tunnel was added to the aggregation hash table successfully

*Jul 18 15:28:55:026 2012 Sysname IPSEC/7/event:

IPsec tunnel successfully added in kernel.

// The kernel added the IPsec tunnel successfully

*Jul 18 15:28:55:026 2012 Sysname IPSEC/7/ERROR:

Added tunnel to kernel successfully.

// The IPsec tunnel was added to the kernel successfully

*Jul 18 15:28:55:026 2012 HP IPSEC/7/ERROR:

Added an IPsec tunnel when adding manual SA: tunnel index = 0, tunnel sequence number = 2.

// An IPsec tunnel was added while the manual SA was being added; the tunnel index is 0 and the tunnel sequence number is 2

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/event:

SA succussfully added in kernel.

// The kernel added the SA successfully

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/event:

SA succussfully added in kernel.

// The kernel added the SA successfully

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/event:

Added outbound SA to IPsec tunnel(SA ID = 1).

// The outbound SA was added to the IPsec tunnel successfully (the SA index is 1)

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/event:

SA succussfully added in kernel.

// The kernel added the SA successfully

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/event:

SA succussfully added in kernel.

// The kernel added the SA successfully

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/ERROR:

Added SA to kernel successfully.

// The SA was added to the kernel successfully

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/ERROR:

Added manual SAs. Number of SAs added is 4.

// The manual SAs were added successfully; the number of SAs is 4

*Jul 18 15:28:55:027 2012 Sysname IPSEC/7/ERROR:

No.1 SA: index = 3, sequence number = 2.

*Jul 18 15:28:55:028 2012 Sysname IPSEC/7/ERROR:

No.2 SA: index = 2, sequence number = 2.

*Jul 18 15:28:55:028 2012 Sysname IPSEC/7/ERROR:

No.3 SA: index = 1, sequence number = 2.

*Jul 18 15:28:55:028 2012 Sysname IPSEC/7/ERROR:

No.4 SA: index = 0, sequence number = 2.

// The first SA has index 3 and sequence number 2

// The second SA has index 2 and sequence number 2

// The third SA has index 1 and sequence number 2

// The fourth SA has index 0 and sequence number 2

*Jul 18 15:28:55:029 2012 Sysname IPSEC/7/ERROR:

Added SA context to SP.

// The SA context was added to the SP successfully

# Configure a manual IPsec policy on the device, apply it to interface GigabitEthernet3/1/1, and enable IPsec packet debugging. When the peer is pinged from the local device, the following IPsec packet debugging information is output.

<Sysname> debugging ipsec packet

<Sysname> ping -c 1 10.10.10.2

PING 10.10.10.2 (10.10.10.2): 56 data bytes, press CTRL_C to break

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

--- Sent IPsec packet ---

// A packet processed by IPsec was sent in the outbound direction

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Added IP fast forwarding entry.

// A fast forwarding entry was added

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Outbound IPsec processing: Src : 10.10.10.1 Dst : 10.10.10.2 SPI : 1114

// Outbound IPsec processing: source address 10.10.10.1, destination address 10.10.10.2, SPI 1114

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: DES-CBC.

// Outbound IPsec processing: the ESP authentication algorithm is SHA1 and the ESP encryption algorithm is DES-CBC

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Packet will be sent to CCF for sync-encryption.

// The packet will be sent to CCF for synchronous encryption

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 0.

// Outbound IPsec ESP processing: encryption finished; the anti-replay sequence number is 0

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Outbound IPsec processing: AH auth algorithm: MD5.

// Outbound IPsec processing: the AH authentication algorithm is MD5

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Packet will be sent to CCF for sync-encryption.

// The packet will be sent to CCF for synchronous encryption

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Outbound IPsec AH processing: Authentication finished, anti-replay SN is 0.

// Outbound IPsec AH processing: authentication finished; the anti-replay sequence number is 0

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Outbound IPsec processing: Sent packet back to IP forwarding.

// Outbound IPsec processing: the packet was sent back to IP forwarding

# Configure an IPsec policy on the device, use an asynchronous encryption card, and enable IPsec packet debugging. When the peer is pinged from the local device, the following IPsec packet debugging information is output.

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Started outbound processing after CCF processing.

// Outbound processing started after CCF processing

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Started inbound processing after CCF processing.

// Inbound processing started after CCF processing

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Restored the original IP header during AH processing.

// The original IP header was restored during AH processing

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Updated IV during ESP processing.

// The IV was updated during ESP processing

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Started outbound fast forwarding after CCF processing.

// Outbound fast forwarding started after CCF processing

*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;

Started inbound fast forwarding after CCF processing.

// Inbound fast forwarding started after CCF processing
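
The packet debugging output shown above can be triaged mechanically. The following Python is an added example, not H3C's code: it parses records in the two-line format of the examples and flags drop reasons and algorithm names from Table 1-3. The sample log is constructed (the first two records repeat the example above, the drop records are built from the table's message template), and the contents of WATCH_DROPS and LEGACY_ALGS are this example's own policy assumption.

```python
import re
from collections import Counter

# Record header as printed in the examples above, e.g.
# *Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
HEADER = re.compile(
    r"^\*(?P<ts>\w{3} +\d+ [\d:]+ \d{4}) (?P<host>\S+) IPSEC/7/(?P<kind>\w+):")
# Message templates taken from Table 1-3.
DROP = re.compile(r"The reason of dropping packet is (?P<reason>.+?)\.?\s*$")
ALG = re.compile(r"(?:auth|encp) algorithm: ([\w-]+)")

# Assumption: this example's own policy for what deserves a closer look.
WATCH_DROPS = {"Replayed packet", "Authentication failed",
               "Invalid SPI", "Decryption failed"}
LEGACY_ALGS = {"DES-CBC", "MD5", "SHA1"}

# Constructed sample log (not captured from a device).
SAMPLE = """\
*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: DES-CBC.
*Jul 14 16:55:10:211 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
Outbound IPsec processing: AH auth algorithm: MD5.
*Jul 14 16:55:12:040 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
The reason of dropping packet is Replayed packet.
*Jul 14 16:55:12:041 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
The reason of dropping packet is Replayed packet.
*Jul 14 16:55:12:300 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
The reason of dropping packet is Authentication failed.
*Jul 14 16:55:13:002 2012 Sysname IPSEC/7/packet: -MDC=1-Slot=1;
The reason of dropping packet is Packet too long.
"""


def parse_records(text):
    """Group each header line with the message line(s) that follow it."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("//"):  # skip blanks and annotations
            continue
        m = HEADER.match(line)
        if m:
            records.append({**m.groupdict(), "msg": ""})
        elif records:
            rec = records[-1]
            rec["msg"] = (rec["msg"] + " " + line).strip()
    return records


def review(records):
    """Return (drop-reason counts, findings) for packet-debug records."""
    drops, findings = Counter(), []
    for rec in records:
        if rec["kind"].lower() != "packet":
            continue
        m = DROP.search(rec["msg"])
        if m:
            drops[m["reason"]] += 1
            if m["reason"] in WATCH_DROPS:
                findings.append((rec["ts"], "drop", m["reason"]))
        for alg in ALG.findall(rec["msg"]):
            if alg.upper() in LEGACY_ALGS:
                findings.append((rec["ts"], "legacy-algorithm", alg))
    return drops, findings


if __name__ == "__main__":
    drops, findings = review(parse_records(SAMPLE))
    print(dict(drops))
    for ts, kind, detail in findings:
        print(ts, kind, detail)
```
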

 


H3C IPsec Debug (2) (the complete IPsec negotiation process; very useful for learning and troubleshooting)

https://sg.hqyman.cn/post/7440.html 


