Wireshark - you don't have permission to capture on that device mac
According to User: gmale's answer on ask.wireshark.org, he solved his problem in this way and I'm sure that it could solve yours as well. It says:
1- Open Terminal
To see your exact user name (for me that was AliGht)
2- Type 'whoami'
3- execute the following commands:
cd /dev
sudo chown AliGht:admin bp*
and enter your computer password:
4- now type this command:
ls -la | grep bp
The last command will display a list of files such as:
5- Make sure all of them have your user name and admin as the user/group. For some reason, the last one didn't get assigned properly so I had to run the command:
sudo chown AliGht:admin bpf4
so the last command fixed my problem as you see in the last image:
Done!
If your WireShark is open then close it and open it again.
All credits of this tutorial goes to user gmale on ask.wireshark.org,
If you want to open WireShark always as administrator then take a look to another post which I created a shortcut for it via Applescript, and this is the only way which you can open the WireShark always as administrator even when you turn off/on your mac.
I don't know how to solve this problem, but if you want a temporary fix, you can use the following command:
$ sudo /Applications/Wireshark.app/Contents/MacOS/Wireshark
Wireshark provides the solution itself, along with the explanation of weird secrets:
add your user to the group "access_bpf" by commanding
sudo dseditgroup -o edit -a `whoami` -t user access_bpfthen launch Wireshark's script
sudo "/Library/Application Support/Wireshark/ChmodBPF/ChmodBPF";
That's all, because (as the script explains):
# Unfortunately, macOS's devfs is based on the old FreeBSD
# one, not the current one, so there's no way to configure it
# to create BPF devices with particular owners or groups. BPF
# devices on macOS are also non-cloning, that is they can
# be created on demand at any time. This startup item will
# pre-create a number of BPF devices, then make them owned by
# the access_bpf group, with permissions rw-rw----, so that
# anybody in the access_bpf group can use programs that capture
# or send raw packets.