You put the orange arrow in the wrong place: there's no "network" talked on the USB link – just raw commands to the wifi device to synthesize some RF waveform.
The network packets only begin to exist in the network driver inside the Linux guest – so that's where you can sniff:
![Your figure showing a USB passthrough coming from the outside, going into your "Linux Guest" box, but the orange double arrow is going from the inside of the linux guest to wireshark running on the host, not from the USB passthrough to wireshark](https://cdn.statically.io/img/i.sstatic.net/v8mrTgko.png)
If you have a full wireshark installation on your host, the easiest way would probably using the sshdump
remote dumping method, which you can select in the capture dialog:
![screenshot of the capture dialog, highlighting the sshdump selection](https://cdn.statically.io/img/i.sstatic.net/6ywPKOBM.png)
You will have to have SSHd running on your guest, and you'll need a private network between your host and the guest, as well as tcpdump
available in your guest. The user which you enter in the "Authentication" tab of the settings needs to have privileges to run tcpdump
.
If you're developing a kernel Wifi driver, you'd do something else and attach a debugger to the guest kernel; but that would be significantly more complicated, and quite honestly expect you to be pretty trained in gdb and remote debugging already.