Please post your python script somewhere and give us the link. How is your python script trying to communicate with pf? through pfctl? lets say you are tryng to add an IP to a table
pfctl -t thetable -T add x.x.x.x
Find out which user runs apache
ps aux | grep apache
Then you must edit /etc/sudoers to have that user be able to run the pfctl command without a password. So lets say that you run apache as www. place the following in sudoers :
www ALL=(ALL:ALL) NOPASSWD: /sbin/pfctl
Finally in the python script (lets say you call the external command with subprocess)
from subprocess import call
call(["sudo","pfctl","-T","theTable","-t","add", "x.x.x.x"])
But please keep in mind that the whole scheme is really a bad idea and you shouldn't do it that way. get rid of the python script if you can and run the bundled apache 1.3 which is privseped and audited. Run the webserver in a chroot. Never expose the control of your firewall to user input specially when this comes over the web. I am sure that if you elaborate on what you want to do , we could find a much more efficient and secure setup.