OK don't get too offended by this because it's just a little pet peeve of mine but
...currently have 2 NIC cards...
They are just NICs, otherwise it would be a Network Interface Card Card, which isn't the same as a PIN number (Personal Identification Number Number) that you would use at the ATM machine (Automated Teller Machine Machine) to access your IRA account (Individual Retirement Account Account).
Whew, ok, now that I got that silly little pet peeve off my chest, let's see, what was he asking? OK...
I don't believe the Linux kernel allows you to route some data through NAT and route other data straight through to an IP address, at least I know it doesn't do it if it's all going out through one network card. So at the very least you'd have to buy another NIC; I know some companies (Intel used to but may not anymore) sell dual port NICs. These are basically 2 NICs combined on one PCI card, but some of these can be quirky to say the least. I also know you can't use one IP on one side of your router and bridge some live IPs (in the same subnet) across while routing to other IPs (again, if they are all connected to the same NIC) that are on a different subnet.
Wow! That confused even me and I wrote it!
So at the very least you could find yourself a dual port NIC or blow the 200 bones for the case upgrade and probably pull it off with one NIC to the ISP, one to the NATted machines and one bridged to the public domain IP boxes and then try to figure out how to get a working firewall ruleset for said configuration. You would probably have to tinker with a firewall setup that worked with just the NATted boxes then rip that out and set up the bridge and find a firewall ruleset that worked with them then figure out how to combine those two rulesets without them conflicting.
But in theory it IS possible, anyone chime in if they have anything to add...