Sniffing traffic between my app and local CouchDB

This turns out to be a lot harder than watching browser traffic.
Forgive the crudity of this post; I’m on a tablet. Gotta get this info out before I forget, because this problem was a sticky one. Couch returned a 400 Bad Request with the error message “invalid json” and I needed to see the json it was receiving.
To watch the HTTP traffic on my local machine (a Mac) moving between my application and CouchDB on port 5984:

• download and install Wireshark
• capture traffic on the loopback interface, lo0
• set up a capture filter for only this port: tcp port 5984 (not entirely sure I got this working, and the capture filter is not strictly necessary)
• enabled http packet reconstruction on this port: edit, preferences, protocols, http, add 5984 to the lost of tcp ports (this is the critical secret step of working!)
• ran my test that failed, to cause the traffic I am trying to capture 
• entered a display filter: http.response.code == 400
• found the 400 response, clicked on it, then cleared the display filter
• now I can look a few rows up the list to see the POST that triggered the error. The body is included in the breakdown. (Or would be if it had one. In my case the post has no body; no wonder Couch complained.)

Useful tips:

• change the coloring rules (the pretty button at the top) to move the “Checksum Errors” rule down to the bottom of the list (this rule is triggered by all of these local packets because of checksum offloading). Then I created a coloring rule to turn http.response.code == 400 an obnoxious color. This made it easier to see what was going on.
• In this X11 window on a Mac, the command button doesn’t behave normally. Use Ctrl instead.