If you’re running a VNC (Virtual Network Computing) server like TigerVNC behind a host firewall, the following may be of interest to you.
Here’s the iptables syntax to allow clients to connect to a VNC server on a firewalled host:
-A INPUT -p tcp -m tcp --dport 5900:5904 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5800:5804 -j ACCEPT
This opens TCP ports across the ranges 5900 to 5904 and 5800 to 5804. That would allow up to 4 simultaneous VNC sessions, which should be more than enough for servers. If you’re using VNC to give users access to remote home directories on the server, you’ll probably want to increase that range.