evil.cz
Linux into every family, Linux into every office!

Getting IPTables to survive a reboot

A copy from Debian Administration
http://www.debian-administration.org/articles/445

Debian does not provide an initscript for iptables by default. This does not mean, however, that it is impossible to get firewall rules to survive a reboot.

Actually the Debian way is logical and works very well. First create some iptables rules and list them:

iptables --list

If the listed rules satisfy your needs, save them somewhere. I use /etc/firewall.conf, but this location is not fixed:

iptables-save > /etc/firewall.conf

Then create a script /etc/network/if-up.d/iptables so ifupdown loads these rules on boot:

#!/bin/sh
# Reload the rules written by iptables-save whenever ifupdown brings an interface up.
iptables-restore < /etc/firewall.conf

Then:

chmod +x /etc/network/if-up.d/iptables

Now reboot your machine and pray - the rules should come up exactly like before (use "iptables --list" to verify this).
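
Checking a longer ruleset by eye with "iptables --list" is error-prone. The following added example (not part of the original article) compares an iptables-save dump of the running rules with the saved file, ignoring timestamps and packet counters; the function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that the rules loaded at boot match the saved file.

# Strip what differs between two dumps of one ruleset: "#" comment lines
# (timestamps), per-rule counters from "iptables-save -c", and the
# [packets:bytes] counters on chain policy lines.
normalize_rules() {
    sed -e '/^#/d' \
        -e 's/^\[[0-9]*:[0-9]*] //' \
        -e '/^:/s/\[[0-9]*:[0-9]*]$/[0:0]/'
}

# rules_match SAVED RUNNING: status 0 if both dump files hold the same rules.
rules_match() {
    a=$(normalize_rules < "$1") || return 2
    b=$(normalize_rules < "$2") || return 2
    [ "$a" = "$b" ]
}

# check_firewall [SAVED]: dump the running rules (needs root) and compare.
check_firewall() {
    running=$(mktemp) || return 2
    if iptables-save > "$running" && rules_match "${1:-/etc/firewall.conf}" "$running"
    then rc=0; else rc=1; fi
    rm -f "$running"
    return "$rc"
}

# Constructed sample dumps: same rules, different timestamps and counters.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/saved" <<'EOF'
# Generated by iptables-save on Mon Jan  1 10:00:00 2007
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
# Completed on Mon Jan  1 10:00:00 2007
EOF
sed -e 's/10:00:00/10:05:00/' -e 's/^:INPUT DROP \[0:0]/:INPUT DROP [42:3360]/' \
    "$demo_dir/saved" > "$demo_dir/running"
# Same dump with the SSH rule missing, as if the restore had not happened.
grep -v -- '--dport 22' "$demo_dir/saved" > "$demo_dir/missing"

rules_match "$demo_dir/saved" "$demo_dir/running" && echo "running rules match saved file"
rules_match "$demo_dir/saved" "$demo_dir/missing" || echo "MISMATCH: rules differ from saved file"
```

On a real host, call check_firewall as root after the reboot; a non-zero status means the running rules differ from /etc/firewall.conf.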
