Someone is using a lot of bandwith through OpenVPN, how can I find out who? [closed]

I just checked bandwith usage on SolusVM and it was 250gb in 2 days, and I know it’s one of my users through OpenVPN.

I think it is a torrent because it is upload + download 24/7.

I want to find out who is doing this by getting their username. I make accounts for every user on my VPN ( adduser name -s /bin/false/nologin ).

Is it possible to see who is uploading? I need to get the username or subnet ( like ).


Use tcpdump to identify the source IP of the traffic, then look through your OpenVPN logs to see who that IP address was given to.

Source : Link , Question Author : Niel , Answer Author : EEAA

Leave a Comment