
Allow to self-report as having invalid ASN/country origin (due to proxying)

Open tannisroot opened this issue 6 months ago • 4 comments

What would you like to be added?

/kind feature Allow to self-report as having invalid ASN/country origin

I was told that currently, CrowdSec will auto-detect when you are using it through Tor, and when sharing attack data with CrowdSec, it will flag the ASN/country origin as invalid, as the IP location the alert data was sent from does not match the actual location of the attacked host. However, if the proxy is not Tor-based, but the location differs from the host's, the mismatching ASN/country origin (I believe) is reported back to CrowdSec, which I imagine pollutes the data with incorrect information on the location of the attack. Thus I believe there is a need for a manual option (or maybe an automatic check of some sort?) that makes CrowdSec function as if it is routed through Tor and not report the ASN/country origin (or flag them as invalid so that they don't count in statistics).

Why is this needed?

Due to harsh censorship in my country impacting access to CrowdSec's CAPI, I had to route CrowdSec through a proxy, specifically wireproxy, which acts as a SOCKS client for WireGuard. Because of this, in the web console, my IP is that of the proxy endpoint, and not my host's, thus the data sent to CrowdSec for analysis also misattributes the ASN/country origin. It probably wouldn't be much of an issue if I was the only one having such a setup, but I suspect that there could be more users from my country implementing something like this. Plus, I would like to write up a guide that features this wireproxy configuration, and I don't want it to cause mass data pollution for CrowdSec because of this.

tannisroot, May 11 '25 13:05