Linux (Fedora) iptables - can't connect except to subnetwork

[77hahHHA221 2]

I tried the guide to plugging leaks from the "how to" section. It has taken a long time to get the various components to compile on Fedora. Now I ran the s/w I can't access the outside world, except for the local subnetwork. Here is the output of iptagles -L -v. Can someone spot the mistake?

 

To test, I tried adding 8.8.8.8 (a DNS) to try to ping it. That doesn't work. Neither can I ping my router which is on 192.168.1.1. My NAS is 192.168.1.111. I can't ping that either.

 

The s/w is running on Fedora 20 in a virtual box. This has IP 192.168.88.136 (static). The computer it is running on has IP 192.168.88.1 (through VMWare). I can ping 192.168.88.1 OK.

 

 

 

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere            
    0     0 DROP       tcp  --  any    any     anywhere             anywhere             tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
    0     0 ACCEPT     all  --  any    any     192.168.1.111        192.168.88.136      
    0     0 ACCEPT     all  --  any    any     8.8.8.8              192.168.88.136      
    0     0 ACCEPT     all  --  any    any     192.168.88.1        192.168.88.136       
    0     0 ACCEPT     all  --  any    any     192.168.3.1          192.168.88.136      
    0     0 ACCEPT     all  --  tun+   any     anywhere             anywhere             state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  wlan+  any     anywhere             anywhere             match-set airvpn src
    0     0 ACCEPT     all  --  tun+   any     anywhere             anywhere             match-set airvpn src

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  wlan+  tun+    anywhere             anywhere            
    0     0 ACCEPT     all  --  tun+   wlan+   anywhere             anywhere            

Chain OUTPUT (policy ACCEPT 4 packets, 232 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  any    lo      anywhere             anywhere            
    0     0 ACCEPT     all  --  any    any     192.168.88.136      192.168.1.111       
    0     0 ACCEPT     all  --  any    any     192.168.88.136      8.8.8.8              
    0     0 ACCEPT     all  --  any    any     192.168.88.136      192.168.88.1         
    0     0 ACCEPT     all  --  any    any     192.168.88.136      192.168.3.1          
    0     0 ACCEPT     all  --  any    any     192.168.1.0/24       192.168.88.0/24     
    0     0 ACCEPT     all  --  any    tun+    anywhere             anywhere             state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  any    wlan+   anywhere             anywhere             match-set airvpn dst
    0     0 ACCEPT     all  --  any    tun+    anywhere             anywhere             match-set airvpn dst