diff --git a/integration-cli/docker_cli_links_test.go b/integration-cli/docker_cli_links_test.go
index 55c41e0bbc..ed30288b7d 100644
--- a/integration-cli/docker_cli_links_test.go
+++ b/integration-cli/docker_cli_links_test.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"fmt"
+	"github.com/dotcloud/docker/pkg/iptables"
 	"os/exec"
 	"testing"
 )
@@ -28,3 +29,28 @@ func TestPingLinkedContainers(t *testing.T) {
 	cmd(t, "kill", idB)
 	deleteAllContainers()
 }
+
+func TestIpTablesRulesWhenLinkAndUnlink(t *testing.T) {
+	cmd(t, "run", "-d", "--name", "child", "--publish", "8080:80", "busybox", "sleep", "10")
+	cmd(t, "run", "-d", "--name", "parent", "--link", "child:http", "busybox", "sleep", "10")
+
+	childIp := findContainerIp(t, "child")
+	parentIp := findContainerIp(t, "parent")
+
+	sourceRule := []string{"FORWARD", "-i", "docker0", "-o", "docker0", "-p", "tcp", "-s", childIp, "--sport", "80", "-d", parentIp, "-j", "ACCEPT"}
+	destinationRule := []string{"FORWARD", "-i", "docker0", "-o", "docker0", "-p", "tcp", "-s", parentIp, "--dport", "80", "-d", childIp, "-j", "ACCEPT"}
+	if !iptables.Exists(sourceRule...) || !iptables.Exists(destinationRule...) {
+		t.Fatal("Iptables rules not found")
+	}
+
+	cmd(t, "rm", "--link", "parent/http")
+	if iptables.Exists(sourceRule...) || iptables.Exists(destinationRule...) {
+		t.Fatal("Iptables rules should be removed when unlink")
+	}
+
+	cmd(t, "kill", "child")
+	cmd(t, "kill", "parent")
+	deleteAllContainers()
+
+	logDone("link - verify iptables when link and unlink")
+}
diff --git a/integration-cli/docker_utils.go b/integration-cli/docker_utils.go
index 6da86c9753..17a331f2dd 100644
--- a/integration-cli/docker_utils.go
+++ b/integration-cli/docker_utils.go
@@ -61,3 +61,13 @@ func cmd(t *testing.T, args ...string) (string, int, error) {
 	errorOut(err, t, fmt.Sprintf("'%s' failed with errors: %v (%v)", strings.Join(args, " "), err, out))
 	return out, status, err
 }
+
+func findContainerIp(t *testing.T, id string) string {
+	cmd := exec.Command(dockerBinary, "inspect", "--format='{{ .NetworkSettings.IPAddress }}'", id)
+	out, _, err := runCommandWithOutput(cmd)
+	if err != nil {
+		t.Fatal(err, out)
+	}
+
+	return strings.Trim(out, " \r\n'")
+}