Of course, is possible, you might create a bridge between ETH00 and ETH02, assign the ip address directly to that bridge, eg 192.168.0.1, then FW rules …..even though I advice you to use a pure L3 DMZ for public servers, and ‘play’ with FW and NAT rules among all interfaces.
Regards
