Firewall configuration to allow Openvpn client to WAN

Created a openvpn server using https://openwrt.org/docs/guide-user/services/vpn/openvpn/server. There are only 2 Interfaces: Wan/Wan6 and Lan.

I want to drop all connection from Lan to Wan, except openvpn client from outside. I am thinking to add a firewall rule to allow 192.168.8.x to Wan and add a statement to drop other. However, when I look at the overview page, I cannot locate the openvpn client 192.168.8.x in the active DHCP lease. How can I set up such firewall rule?

You need to assign the tun0 network device to a firewall zone. If the vpn tunnel is completely trusted, assign it to the lan zone and you should be good. Otherwise, you can create a new firewall zone for the vpn and then allow forwarding from that zone to the wan zone.