check the implementation guide (pg 365)
The firewall also uses stateful inspection of all network traffic.
When you define TCP-based or UDP-based service triggers, you identify the ports on both sides of the described network connection. Traditionally, ports are referred to as being either the source or the destination of a network connection.
in teh firewall rule, from the services column, select the protocol dropdown you can select UDP>