Can we get a way to match both TCP and UDP in single firewall or mangle rule, Would save doubling up for lots of protocols that can use TCP or UDP
In current firewall implementation no.
Use custom chains to divide TCP and UDP traffic to avoid packets double checking.