add readme

README.md

@@ -25,8 +25,10 @@ Targets:
 ```
 
 ### Building requirements
+
 Building the filter requires:
-- [Go](https://go.dev/doc/install) 
+
+- [Go](https://go.dev/doc/install)
 - [TinyGo](https://tinygo.org/getting-started/install/)
 
 Up to date required versions can be found looking at [`minGoVersion` and `tinygoMinorVersion` variables](./magefiles/magefile.go).
@@ -39,6 +41,22 @@ go run mage.go build
 
 You will find the WASM plugin under `./build/main.wasm`.
 
+### Building with `geoipLookup` Support
+
+1. **Provide Database File**: Ensure you have a GeoIP2 ([oschwald/geoip2-golang](https://github.com/oschwald/geoip2-golang)) compatible database. Place this file with the name `geoip.mmdb` in the project's root folder.
+
+2. **Choose Database Preference:** Depending on the type of the database you desire, set the `GEOIP` environment variable to either of the following:
+
+   - For city-level database: `GEOIP=CITY`
+   - For country-level database: `GEOIP=COUNTRY`
+
+3. **Build the Project:** With the appropriate `GEOIP` variable set, proceed to build the project.
+
+   ```bash
+   export GEOIP=CITY
+   go run mage.go build
+   ```
+
 ### Multiphase
 
 By default, coraza-proxy-wasm runs with multiphase evaluation enabled (See [coraza.rule.multiphase_evaluation](.magefiles/magefile.go) build tag). It enables the evaluation of rule variables in the phases that they are ready for, potentially anticipating the phase the rule is defined for. This feature suits coraza-proxy-wasm, and specifically Envoy request lifecycle, aiming to inspect data that has been received so far as soon as possible. It leads to enforce actions the earliest possible, avoiding WAF bypasses. This functionality, in conjunction with the [early blocking CRS feature](#recommendations-using-crs-with-proxy-wasm), permits to effectively raise the anomaly score and eventually drop the request at the earliest possible phase.