Tags: macos, firewall, bsd, darwin

PF header net/pfvar.h on OSX missing


PF (packet filter) is a kernel-level firewall included in BSD-like kernels (the Darwin kernel is basically BSD), and the BSD man pages provide detailed documentation about these headers, letting you control PF programmatically. PF is included in the OSX kernel, even though it's disabled by default.

I know it's possible to control PF in OSX in some way, because applications like Murus exist, providing a user-friendly GUI for this low-level "king of firewalls", and that API is not manual /etc/pf.conf parsing, as I first suspected.

Any way to add these headers and control PF from my OSX applications?

MacOS Sierra 10.12.6

Xcode 9.2 (9C40b)

UPDATE: Some information I found, a bit out of date though


Solution

  • The <net/pfvar.h> you are looking for is at the link below (for MacOS Mojave and Catalina); older versions are also available.

    https://github.com/apple-oss-distributions/xnu/blob/xnu-4903.221.2/bsd/net/pfvar.h


    Here is <net/pfvar.h> for MacOS Sierra:

    https://github.com/apple-oss-distributions/xnu/blob/xnu-3789.70.16/bsd/net/pfvar.h


    If you need a full working application example, I ported pfctl from BSD to MacOS and compiled it using all the MacOS kernel headers and system libraries. I can upload the full working source-code tree on GitHub for you. Currently I am using it on Catalina, and I can control anything on the PF subsystem. You can then learn from it and use the routines on your app. The code, functions and parameters are simple to understand and can easily meet your needs.
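    Added example, not code from the question or the answer: a minimal C probe that opens /dev/pf and issues the DIOCGETSTATUS and DIOCGETRULES ioctls declared in pfvar.h, the same calls pfctl makes for `pfctl -s info` and `pfctl -s rules`. It assumes pfvar.h from the linked xnu tree (and the kernel headers it pulls in) is on the include path with PRIVATE defined, since the file's contents are guarded by that macro; the PF path is compiled only on macOS so the file also builds elsewhere, where the query simply reports ENOTSUP.

```c
/* pf_probe.c: read PF status and the main ruleset's rule count via /dev/pf. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

#ifdef __APPLE__
#define PRIVATE 1      /* pfvar.h hides its contents unless PRIVATE is defined */
#include "pfvar.h"     /* assumption: copied from the linked xnu tree, with the headers it includes */
#endif

struct pf_summary {
    unsigned running;          /* 1 if PF is enabled */
    unsigned states;           /* entries in the state table */
    unsigned rules;            /* filter rules in the main (unanchored) ruleset */
    unsigned long long since;  /* epoch seconds when PF was last enabled */
    char ifname[32];           /* interface selected for per-interface stats, if any */
};

/* Returns 0 and fills *out, or -1 with errno set. Opening /dev/pf needs root;
   O_RDONLY is enough because the DIOCGET* queries are read-only ioctls. */
int pf_query_summary(struct pf_summary *out)
{
#ifdef __APPLE__
    struct pf_status st;
    struct pfioc_rule pr;
    int fd = open("/dev/pf", O_RDONLY);
    if (fd < 0)
        return -1;
    memset(&st, 0, sizeof st);
    if (ioctl(fd, DIOCGETSTATUS, &st) < 0) { int e = errno; close(fd); errno = e; return -1; }
    /* A zeroed anchor with action PF_PASS selects the main filter ruleset;
       the kernel answers with its rule count in pr.nr (pfctl walks rules from there). */
    memset(&pr, 0, sizeof pr);
    pr.rule.action = PF_PASS;
    if (ioctl(fd, DIOCGETRULES, &pr) < 0) { int e = errno; close(fd); errno = e; return -1; }
    close(fd);
    memset(out, 0, sizeof *out);
    out->running = st.running;
    out->states = st.states;
    out->rules = pr.nr;
    out->since = st.since;
    strncpy(out->ifname, st.ifname, sizeof out->ifname - 1);
    return 0;
#else
    (void)out;
    errno = ENOTSUP;           /* no PF ioctl interface on this platform */
    return -1;
#endif
}

int main(void)
{
    struct pf_summary s;
    if (pf_query_summary(&s) < 0) {
        perror("pf_query_summary");   /* EACCES or EPERM here usually means "not root" */
        return 1;
    }
    printf("PF %s, %u rules in main ruleset, %u states, since %llu, ifname '%s'\n",
           s.running ? "enabled" : "disabled", s.rules, s.states, s.since, s.ifname);
    return 0;
}
```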