October 01, 2013

Forward Ports to a Virtual Machine (KVM)

To make this easier to understand, I’ll show you an example.

The KVM Guest runs Apache on eth0, 192.168.122.13:80. The KVM Host’s address is 192.168.1.147 on wlan0.

The idea is to let clients on the external network or the Internet reach your KVM Guest’s Apache through your KVM Host. When outside traffic arrives at your Host on 192.168.1.147:80, the Host needs iptables rules that DNAT those connections to your KVM Guest in the PREROUTING chain.

To do so, run the following on the KVM Host:


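# Rewrite the destination of TCP port 80 connections to the Guest's Apache
iptables -t nat -I PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.122.13:80
# -I inserts at the top, so this lands above the DNAT rule: traffic from the guest network is left untouched
iptables -t nat -I PREROUTING -p tcp --source 192.168.122.0/24 -j ACCEPT
# Allow forwarded connections to the guest network
iptables -I FORWARD -m state -d 192.168.122.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT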

That’s it! Now your KVM Host will act as a web server.
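
A more narrowly scoped variant of the rules above, as an added example rather than the author's own commands: it limits the DNAT to traffic arriving on wlan0 for the Host's address, limits the FORWARD rule to the Guest's port 80, and uses the conntrack match in place of state. The function names are hypothetical, and it assumes the Guest's reply traffic is already permitted by the existing FORWARD rules for the virtual network.

```shell
#!/bin/sh
# Added example: print (not apply) scoped iptables rules for one port forward.

# Succeeds only for a dotted quad whose octets are all 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeeds only for a decimal TCP port in 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_rules EXT_IF HOST_IP HOST_PORT GUEST_IP GUEST_PORT
forward_rules() {
    ext_if=$1 host_ip=$2 host_port=$3 guest_ip=$4 guest_port=$5
    case "$ext_if" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 1 ;;
    esac
    valid_ipv4 "$host_ip" && valid_ipv4 "$guest_ip" ||
        { echo "bad IPv4 address" >&2; return 1; }
    valid_port "$host_port" && valid_port "$guest_port" ||
        { echo "bad port" >&2; return 1; }
    # DNAT only traffic that arrives on the external interface for the
    # Host's own address, so guest-originated traffic is never matched.
    echo "iptables -t nat -I PREROUTING -i $ext_if -d $host_ip -p tcp" \
         "--dport $host_port -j DNAT --to-destination $guest_ip:$guest_port"
    # Admit forwarded packets for that single guest address and port.
    echo "iptables -I FORWARD -d $guest_ip -p tcp --dport $guest_port" \
         "-m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT"
}

# Values from the post; prints two commands to review and run as root.
forward_rules wlan0 192.168.1.147 80 192.168.122.13 80
```

Because the DNAT rule matches only packets entering on wlan0 for 192.168.1.147, the separate ACCEPT exemption for the guest network is not needed in this variant.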