In the firewall, I opened port 5900 for TCP traffic. Now the console is displaying packet information whenever a connection is made.
Why does it send a message to stdout/stderr for an allowed connection? How can I stop it?
Logging level is set to critical only, and not-accepted packets should only be logged for the internal and DMZ zones.
From linuxtopia:
Note that if you get undesired logging direct to consoles, this is not an iptables or Netfilter problem, but rather a problem caused by your syslogd configuration - most probably /etc/syslog.conf. Read more in man syslog.conf for information about this kind of problem.
You may also need to tweak your dmesg settings. dmesg is the command that changes which errors from the kernel that should be shown on the console. dmesg -n 1 should prevent all messages from showing up on the console, except panic messages. The dmesg message levels matches exactly the syslogd levels, and it only works on log messages from the kernel facility. For more information, see man dmesg.