flow_id has no reason to be fixed from a user perspective, so we
should not use it in tests but use information from the flow
itself.
alert.signature_id: 2
pcap_cnt: 103
- filter:
- count: 8
+ count: 3
match:
event_type: drop
- flow_id: 746850855319537
+ src_port: 35824
+ - filter:
+ count: 4
+ match:
+ event_type: drop
+ dest_port: 35824
- filter:
count: 1
match:
event_type: drop
alert.signature_id: 3
pcap_cnt: 135
+ - filter:
+ count: 1
+ match:
+ event_type: drop
+ src_port: 35820
- filter:
count: 7
match:
event_type: drop
- flow_id: 948787333709074
+ dest_port: 35820
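Review bot: the replacement filters do not preserve the counts of the filters they replace, and the commit message does not explain why. The `flow_id: 746850855319537` filter matched `count: 8` drop events, but its replacements `src_port: 35824` (`count: 3`) and `dest_port: 35824` (`count: 4`) sum to 7; for the second flow the original `count: 7` becomes `count: 1` on `src_port: 35820` plus `count: 7` on `dest_port: 35820`, a total of 8. Please state where the missing and extra events come from (for example drop events carrying no port fields, or drops from a different flow that reuses the same port), because a bare port number is a weaker key than a flow_id and can match another connection in the pcap; keeping `alert.signature_id` in these filters, as the neighbouring `count: 1` filters already do, would make the match as specific as the flow_id match was.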