Firewall logic ports and protocol or just ports

I know depends on the firewall brand, for example Sophos you can choose multiple protocols and ports for a rule, where as pfsense there is more seperation.

From a pfsense aspect, how do people structure their rules, just the ports required regardless of port or do you create a TCP rule and UDP rule?

You can choose TCP/UDP in pfSense firewall rules which matches on packets of either protocol.

Both, I block all ports by default. Then use an alias for ports that need to exit my LAN or WAN.