net/haproxy: Option pass-through in Public Service results in warning message

[kingfisher77]

Important notices
Before you add a new report, we ask you kindly to acknowledge the following:

• I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
• I have searched the existing issues, open and closed, and I'm convinced that mine is new.
• The title contains the plugin to which this issue belongs

Describe the bug
When using the ‘pass-through’ option in the Public Service, the resulting configuration is validated with a warning. This is because the additional configuration is placed at the end of the frontend block. It should be placed before the use_backend statements.

To Reproduce
Steps to reproduce the behavior:
Add this into the Option pass-through textarea (our case):

tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }

Press "test syntax"

This warning message appears:

[NOTICE] (44943) : haproxy version is 3.0.8-6036c31
[NOTICE] (44943) : path to executable is /usr/local/sbin/haproxy
[WARNING] (44943) : config : parsing [/usr/local/etc/haproxy.conf.staging:155] : a 'tcp-request' rule placed after a 'use_backend' rule will still be processed before.
Warnings were found.

The same warning appears when testing on the console:

[root@fw3 /usr/local/etc]# haproxy -f /usr/local/etc/haproxy.conf.staging -c -V
[NOTICE]   (20752) : haproxy version is 3.0.8-6036c31
[NOTICE]   (20752) : path to executable is /usr/local/sbin/haproxy
[WARNING]  (20752) : config : parsing [/usr/local/etc/haproxy.conf.staging:155] : a 'tcp-request' rule placed after a 'use_backend' rule will still be processed before.
Warnings were found.
Configuration file is valid

Expected behavior
The Option pass-through value should be placed before use_backend directives.

Environment
Software version used and hardware type if relevant.
e.g.:

OPNsense 25.1.2 (amd64).
os-haproxy 4.5