Shall I flush the iptables rules for a specific interface if that interface goes down?
Does it offer any advantages?
Currently I'm using iptables-restore
and I am not deleting rules; even if I take an interface down, the rules are just loaded at boot-up and that's all.
What do you recommend?
I wouldn't bother. There might be some edge cases where it could matter to FW performance (for example, if you have thousands of rules, complex fwmarks, etc. running for an unused interface).
I have implemented highly available firewalls using VLANs, heartbeat, and iptables. In that case, the standby firewall has all of the rules loaded, even though it has none of the IPs (we do create the VLAN devices ahead of time, though).
Besides, if you load all your FW rules from one script and then flush only the rules for a single interface, you will have to reload all your rules to restore the interface. This will interrupt your established connections unnecessarily.
I don't think it's necessary. Also, if you use a DROP policy and flush the wrong thing, you can end up locked out of the server.
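Both answers above turn on the same two risks of per-interface flushing: with everything loaded from one script, restoring one interface means reloading the whole ruleset, and with a DROP policy a flush of the wrong thing locks you out. The script below is an added example, not code from the question or either answer, showing the layout that avoids both if you do decide to flush: every interface gets its own user chain (`IN_<iface>`), reached by a single jump from INPUT, so taking an interface's rules out or putting them back touches only that chain and never the policies or the other interfaces. Nothing in it calls iptables; it emits iptables-restore text and the commands you would run, so it can be inspected without root. The interface names, ports, chain naming and the /etc/iptables path are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the question or either answer): per-interface
# chains for iptables-restore, so one interface can be flushed or reloaded
# on its own. Interface names, ports, the IN_<iface> naming and the
# /etc/iptables path are assumptions.

# Rules that belong to one interface. The trailing DROP is explicit so the
# chain's verdict never depends on what the INPUT policy happens to be.
iface_rules() {
    case "$1" in
        eth0)   # assumed management interface: ssh only
            printf '%s\n' "-A IN_eth0 -p tcp --dport 22 -j ACCEPT" ;;
        eth1)   # assumed service interface: web only
            printf '%s\n' "-A IN_eth1 -p tcp --dport 80 -j ACCEPT" \
                          "-A IN_eth1 -p tcp --dport 443 -j ACCEPT" ;;
    esac
    printf '%s\n' "-A IN_$1 -j DROP"
}

# Full ruleset for `iptables-restore < file` at boot: DROP policies, the
# shared rules, then one jump per interface into its own chain.
gen_ruleset() {
    printf '%s\n' "*filter" \
                  ":INPUT DROP [0:0]" ":FORWARD DROP [0:0]" ":OUTPUT ACCEPT [0:0]"
    for ifc in "$@"; do printf ':IN_%s - [0:0]\n' "$ifc"; done
    printf '%s\n' "-A INPUT -i lo -j ACCEPT" \
                  "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for ifc in "$@"; do
        printf '%s\n' "-A INPUT -i $ifc -j IN_$ifc"
        iface_rules "$ifc"
    done
    printf '%s\n' "COMMIT"
}

# Partial ruleset for one interface, meant for `iptables-restore --noflush`.
# It names only that interface's chain and carries no policy lines, so
# loading it cannot change INPUT's policy or any other interface's rules.
iface_fragment() {
    printf '%s\n' "*filter" ":IN_$1 - [0:0]"
    iface_rules "$1"
    printf '%s\n' "COMMIT"
}

# Commands for the two events. Only IN_<iface> is flushed; the jump from
# INPUT stays, so traffic on that interface falls through to the DROP
# policy while the chain is empty, and an ssh session on another interface
# is untouched. Reloading uses --noflush so the rest of the table is kept.
iface_down_cmds() { printf '%s\n' "iptables -F IN_$1"; }
iface_up_cmds()   { printf '%s\n' "iptables -F IN_$1" \
                                  "iptables-restore --noflush < /etc/iptables/IN_$1.rules"; }

# Stand-alone use: `sh rules.sh eth0 eth1` writes the boot ruleset and one
# fragment per interface under ./out (the output path is an assumption).
if [ "$#" -gt 0 ]; then
    mkdir -p out
    gen_ruleset "$@" > out/rules.v4
    for ifc in "$@"; do iface_fragment "$ifc" > "out/IN_$ifc.rules"; done
fi
```

The fragment deliberately omits `:INPUT DROP` and the other built-in chain lines: with `--noflush`, any policy line present in the file would still be applied, so leaving them out is what keeps a per-interface reload from being able to flip the whole firewall open or closed.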