mac Wireshark报错You do not have permission to capture on device “en1“

Wireshark开始抓包时报错

You do not have permission to capture on device "en1".
((cannot open BPF device) /dev/bpf0: Permission denied)

查看 /dev/bpf* 文件的权限

ls -l /dev/bpf*

更新 /dev/bpf* 文件权限和组权限

sudo chmod g+r /dev/bpf* && sudo chgrp admin /dev/bpf*

选择网卡开始抓包

出现如下界面，说明可以正常抓包