Alexios

Simple

Here's a very simple iptables ruleset that masquerades everything. This one works for many simpler setups. It won't work if the box is working as a full-blown router — it has a potentially nasty habit of NATting all traffic that leaves your computer.

iptables -A POSTROUTING -o eth+ -t nat -j MASQUERADE
iptables -A POSTROUTING -o wlan+ -t nat -j MASQUERADE

Full

If the simple solution fails to work, or if your configuration is more complex, this ruleset might help:

NATIF='vboxnet+'
MARK=1
iptables -A PREROUTING -t mangle -i $NATIF -j MARK --set-mark $MARK
iptables -A POSTROUTING -o eth+ -t nat -m mark --mark $MARK -j MASQUERADE
iptables -A POSTROUTING -o wlan+ -t nat -m mark --mark $MARK -j MASQUERADE

It marks packets coming in through any vboxnet* interface, then, later, masquerades (SNAT) any packets going out of eth* or wlan* with the mark set.

Also…

In addition to the iptables rules, you'll need to turn your host computer into a router by enabling packet forwarding. Put:

net.ipv4.ip_forward=1

in /etc/sysctl.conf, then say

sudo sysctl -p /etc/sysctl.conf

Alternatively:

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

The guest must also have a default route that gateways packets through the host's external interfaces (and for this, chances are host-only mode just won't work). Check its routing table (this depends on the guest OS).

Also, install wireshark or tshark and use them to examine packets. There's no better way to solve generic networking issues like this one.

Personally, I'd suggest changing the guest to use bridged mode networking and making available to it both of the host's interfaces. Then it can connect on its own, using the DHCP service on your router to get a local address on its own. No NAT needed.

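The mark-then-masquerade ruleset and the forwarding sysctl from the answer above, put together as one script. This is an added example, not code from the original answer: the interface patterns (vboxnet+, eth+, wlan+), the mark value and the `show`/`apply` verbs are assumptions for illustration, and the two FORWARD rules go beyond the answer (they matter only on hosts whose FORWARD policy is DROP, as with ufw). Each rule is appended only if `iptables -C` does not already find it, so re-running the script never stacks duplicate rules.

```shell
#!/bin/sh
# Added example, not code from the original answer: builds the
# mark-then-masquerade ruleset described above and applies it idempotently.
# Interface patterns and the mark value are assumptions; adjust for your host.
set -eu

NATIF="${NATIF:-vboxnet+}"      # guest-facing (host-only) interfaces, assumed name
EXTIFS="${EXTIFS:-eth+ wlan+}"  # uplink interfaces to masquerade out of, assumed
MARK="${MARK:-1}"               # any nonzero fwmark value

# Print one "table|chain|rule-spec" line per rule, without touching the kernel.
# Args: internal interface pattern, mark, then one or more external patterns.
rule_specs() {
    natif="$1"; mark="$2"; shift 2
    # Mark every packet that arrives from the guest side, before routing.
    printf 'mangle|PREROUTING|-i %s -j MARK --set-mark %s\n' "$natif" "$mark"
    # Let marked traffic and its replies through FORWARD even if the policy is
    # DROP (ufw hosts); this is beyond the answer, which assumes default ACCEPT.
    printf 'filter|FORWARD|-m mark --mark %s -j ACCEPT\n' "$mark"
    printf 'filter|FORWARD|-m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\n'
    # Only marked packets leaving an uplink get SNAT; everything else is left
    # alone, which is what keeps this safe on a host that also routes other traffic.
    for ext in "$@"; do
        printf 'nat|POSTROUTING|-o %s -m mark --mark %s -j MASQUERADE\n' "$ext" "$mark"
    done
}

# Print the full iptables command lines, for review before applying.
nat_rules() {
    rule_specs "$@" | while IFS='|' read -r table chain spec; do
        echo "iptables -t $table -A $chain $spec"
    done
}

# Append each rule only if an identical one is not already present (-C).
apply_rules() {
    rule_specs "$@" | while IFS='|' read -r table chain spec; do
        # $spec is intentionally word-split into separate iptables arguments
        iptables -t "$table" -C "$chain" $spec 2>/dev/null \
            || iptables -t "$table" -A "$chain" $spec
    done
}

# Turn the host into a router now, and persist the setting across reboots.
enable_forwarding() {
    sysctl -w net.ipv4.ip_forward=1
    grep -q '^net.ipv4.ip_forward=1' /etc/sysctl.conf 2>/dev/null \
        || echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
}

case "${1:-}" in
    show)  nat_rules "$NATIF" "$MARK" $EXTIFS ;;
    apply) [ "$(id -u)" -eq 0 ] || { echo "apply needs root" >&2; exit 1; }
           enable_forwarding
           apply_rules "$NATIF" "$MARK" $EXTIFS ;;
    *)     ;;  # no verb: only define the functions (handy when sourced)
esac
```

Run `sh nat.sh show` to print the rules it would add, then `sudo sh nat.sh apply` to install them; `sudo iptables -t nat -L POSTROUTING -v -n` afterwards should show the MASQUERADE counters climbing once the guest has a default route via the host-only address, as the answer notes.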