The tool is pfctl.
I think you can edit the configuration in /etc/pf.conf and add a line
block drop quick on ALL proto tcp from any to any port = 5900
pfctl -f /etc/pf.conf
should reload the config file. I'm no pf expert, but that should get you started.
