linux
Igor, 2013-02-12 14:16:28

How to keep iptables rules after Ubuntu reboot?

After rebooting Ubuntu 12.10, the iptables rules are lost. I know this can be overcome by writing the rules into rc.local. As an alternative, it was advised to use ferm. What does an experienced Habr user think about this topic? Which option is preferable, and where can there be "pitfalls"?


12 answer(s)
Roman Danilov, 2013-02-12
@shanker

Here is a solution that works for Debian 6.0 and Debian 7.0 for now; it should work on Ubuntu as well.
As superuser:

  1. Create a script that is executed when the interface is brought up:
    nano -w /etc/network/if-up.d/00-iptables

    #!/bin/sh
    iptables-restore < /etc/firewall.conf
    ip6tables-restore < /etc/firewall6.conf
  2. Make the script executable:
    chmod +x /etc/network/if-up.d/00-iptables

  3. Save the IPv4 rules to the config:
    iptables-save >/etc/firewall.conf

  4. Save the IPv6 rules to the config:
    ip6tables-save >/etc/firewall6.conf

I'm sorry that I can't find a link to the original source, but the solution is so classic that you can find it on Google using the word 00-iptables with many examples and modifications. As far as I remember, this is how I load the netfilter configuration since Debian 5.0.
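On the "pitfalls" part of the question: the hook above loads whatever is in /etc/firewall.conf, so a truncated dump or a file another user can write ends up as the boot-time ruleset. The following is an added example, not part of the thread: a variant of the 00-iptables hook that checks the file first. The function names and the sample ruleset are made up for illustration; the file paths are the ones from the answer, and `--test` is the dry-run option of iptables-restore and ip6tables-restore.

```shell
#!/bin/sh
# Added example: hardened /etc/network/if-up.d/00-iptables (not from the thread).

# True only for a regular file (not a symlink) owned by the calling user
# (root when run by ifupdown) that neither group nor others can write.
rules_file_trusted() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    case "$(ls -ld -- "$1")" in
        ?????w*|????????w*) return 1 ;;   # group- or world-writable
    esac
}

# True if every "*table" header has a matching COMMIT, i.e. the dump was
# not truncated while iptables-save was writing it.
rules_file_complete() {
    tables=$(grep -c '^\*' "$1" 2>/dev/null || true)
    commits=$(grep -c '^COMMIT$' "$1" 2>/dev/null || true)
    [ "${tables:-0}" -gt 0 ] && [ "$tables" -eq "$commits" ]
}

# apply_rules RESTORE_CMD FILE: check the file, dry-run it, then load it.
apply_rules() {
    rules_file_trusted "$2"  || { echo "$2: wrong owner or mode" >&2; return 1; }
    rules_file_complete "$2" || { echo "$2: incomplete ruleset" >&2; return 1; }
    "$1" --test < "$2"       || { echo "$2: rejected by $1 --test" >&2; return 1; }
    "$1" < "$2"
}

# Constructed sample in iptables-save format, for trying the checks offline.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# ifupdown exports IFACE to hook scripts; do nothing when run by hand.
if [ -n "${IFACE:-}" ]; then
    apply_rules iptables-restore  /etc/firewall.conf
    apply_rules ip6tables-restore /etc/firewall6.conf
fi
```

Saving with `umask 077` in effect keeps the dump readable and writable by root only, which is what `rules_file_trusted` expects.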

EKrava, 2013-02-14
@EKrava

Debian and Ubuntu added the iptables-persistent package, which uses iptables-save/iptables-restore:
# service iptables-persistent
Usage: /etc/init.d/iptables-persistent {start|restart|reload|force-reload|save|flush}
After configuring the rules as needed, run service iptables-persistent save and they will be applied on the next boot.

Alexey Zhurbitsky, 2013-02-12
@blo

iptables-save/iptables-restore

Mark, 2013-02-12
@printf

You can install iptables-persistent.

beho1der, 2013-02-12
@beho1der

If you do not use a network manager to bring up the network, then you can add to the end of /etc/network/interfaces:
post-up iptables-restore < /etc/iptables.rules
After applying the rules, save them to this same iptables.rules file with the command:
$ iptables-save > /etc/iptables.rules

vsespb, 2013-02-12
@vsespb

IMHO it's much better to have a bash/sh file that creates rules at autoload than to use iptables-save and iptables-restore.
After all, in a bash file you cannot replace the same addresses/ports/interfaces/protocols/ranges in different lines with variables, you can, if you wish, set up some kind of loop or enable routing in /proc/sys/net/ipv4/ip_forward (it is more logical to combine it with the rules, because without it they may not make sense).

Evgeny Yablokov, 2013-02-12
@Gular

Just like in Debian. It means that they are the same by default in this regard.
It can be overcome by creating a file with the rules and adding it to rc.local for execution, or, better, to autostart by putting the file in init.d.

Sergey, 2013-02-12
@bondbig

iptables-save?

Ilya Evseev, 2013-02-12
@IlyaEvseev

Once on the command line:
iptables-save > /etc/network/iptables.save
In /etc/rc.local:

F="/etc/network/iptables.save"
test -f "$F" && /sbin/iptables-restore < "$F"

Inelegant, but workable.

lubezniy, 2013-02-12
@lubezniy

Alt and ASP use an entry in /etc/sysconfig/iptables; default recovery is specified when the network service is brought up.

tgz, 2013-02-14
@tgz

It is best to entrust the management of iptables rules to some firewall builder. It will restore everything.

3vi1_0n3, 2014-07-21
@3vi1_0n3

Or here's another option - a script for autoloading iptables in debian - mnorin.com/nastrojka-avtozagruzki-pravil-iptables-...
