Snort mailing list archives

Snort 2.3.0 and p2p rules question


From: A Bose <abose () engin umich edu>
Date: Fri, 25 Feb 2005 13:12:45 -0500

Hello,
I am trying to play back a tcpdump/libpcap trace using the p2p.rules but am getting an error. I modified /etc/snort/snort.conf and put in a line:

## include somefile.rules
include /etc/snort/rules/p2p.rules

In my case, both HOME_NET and EXTERNAL_NET are set to "any". When I do the following:

$ snort -dvr file.pcap  -c /etc/snort/snort.conf

I get an error:

Running in IDS mode
TCPDUMP file reading mode.
Reading network traffic from "file.pcap" file.
snaplen = 100

        --== Initializing Snort ==--
Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file /etc/snort/snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
ERROR: /etc/snort/rules/p2p.rules(10) => Unknown ClassType: policy-violation
Fatal Error, Quitting..


Can someone please tell me what I am doing wrong? I am a *very* new user of snort (and that may be just the problem!)

Thanks!

Abhijit Bose
University of Michigan
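
A pre-flight check for the "Unknown ClassType" error quoted above, as an added example that is not part of the original post or of Snort itself: it walks a configuration in include order and reports every rule whose classtype has no `config classification:` definition read before it. The file contents, the `/etc/snort/classification.config` path and the sample rule are constructed, and it assumes Snort resolves a classtype when the rule is parsed.

```python
import re

# Snort syntax: "config classification: <name>,<description>,<priority>"
CLASSIFICATION = re.compile(r"^\s*config\s+classification:\s*([^,\s]+)\s*,")
INCLUDE = re.compile(r"^\s*include\s+(\S+)")
CLASSTYPE = re.compile(r"classtype:\s*([^;\s]+)\s*;")

def unknown_classtypes(files, entry):
    """Read `entry` top to bottom, following includes in order, and return
    (file, line_no, classtype) for each rule whose classtype is undefined
    at the point where the rule is read."""
    defined, problems = set(), []

    def walk(name):
        for no, line in enumerate(files[name].splitlines(), 1):
            if line.lstrip().startswith("#"):
                continue  # comments, including commented-out includes
            m = CLASSIFICATION.match(line)
            if m:
                defined.add(m.group(1))
                continue
            m = INCLUDE.match(line)
            if m:
                if m.group(1) in files:  # only follow files we were given
                    walk(m.group(1))
                continue
            m = CLASSTYPE.search(line)
            if m and m.group(1) not in defined:
                problems.append((name, no, m.group(1)))

    walk(entry)
    return problems

# Constructed sample inputs (not taken from a real rule set).
CONF, P2P = "/etc/snort/snort.conf", "/etc/snort/rules/p2p.rules"
CLS = "/etc/snort/classification.config"  # assumed location
RULE = ('alert tcp any any -> any any (msg:"constructed sample rule"; '
        'classtype:policy-violation; sid:1000001; rev:1;)\n')
CLASSES = "config classification: policy-violation,constructed description,1\n"

# As in the post: only the rules file is included.
BROKEN = {CONF: f"## include somefile.rules\ninclude {P2P}\n", P2P: RULE}
# Classifications are included, but after the rules that use them.
LATE = {CONF: f"include {P2P}\ninclude {CLS}\n", P2P: RULE, CLS: CLASSES}
# Classifications are read before the rules.
FIXED = {CONF: f"include {CLS}\ninclude {P2P}\n", P2P: RULE, CLS: CLASSES}

if __name__ == "__main__":
    for label, files in (("broken", BROKEN), ("late", LATE), ("fixed", FIXED)):
        print(label, unknown_classtypes(files, CONF))
```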

