How to activate iptables after connecting to VPN?

view full story

http://serverfault.com – I want to block all non-vpn traffic, for which I have a script with iptables rules that works fine. The problem is that I can only set those rules after being connected to the vpn (if I do it before, I can't connect to the vpn). The connection to the vpn happens when I login, because that's how the network manager works (each user can handle its own connections). So how do I auto-execute a script as root, after I'm logged in and connected to the vpn? I might need this even for non sudoer users (HowTos)