Of course, is possible, you might create a bridge between ETH00 and ETH02, assign the ip address directly to that bridge, eg 192.168.0.1, then FW rules …..even though I advice you to use a pure L3 DMZ for public servers, and ‘play’ with FW and NAT rules among all interfaces.
Simply by creating , for public servers, their own broadcast domain, not the same of the ‘private’ lan, eg by assigning different ip addresses to ETH02 and ETH00 and keep the ETH02 as DMZ, while ETH00 as private lan ….. but if you are happy with the bridge, and it works as expected, don’t worry about 😉
When I first atempted this I did have the public servers on a differet subnet without a bridge joining ETH00 & ETH02 but I couldn’t get them to see each other. I did try adding a static route but it didn’t help. I will give it another try.