What am I doing wrong? (routing static)

ScreenShot_20250810210400gateway

  • It depends on why you're creating a default route to a router on LAN with an IP of 192.168.168.10
  • Your second picture doesn't show enough to phantom a guess at why you posted it
  • It's not clear what you're showing by doing a traceroute to the gateway you configured - aside from the fact that it's clear your gateway is invalid because the LAN is 192.168.1.0/24, not 192.168.168.0/24

192.168.1.240/32 - doesn't want to go through 192.168.1.1>192.168.168.9>192.168.168.10 to use external IPvds

Describe what you intend to do instead, because your settings are clearly incorrect and not helpful in illustrating your purpose.

192.168.1.240/32 passes through the 10.119.128.1 (10.119.128.1) gateways in 3.606 ms, 4.071 ms, and 4.410 ms
3 91.188.184.1 (91.188.184.1), although the gateway address is listed as 192.168.168.10 in the routing for 192.168.1.240/32

Gateways have to be directly connected and exist on the network selected in the route config (i.e., a router).

  • It's not clear what you're communicating. I don't see the 99.188.184.1 IP above. Even if I did, you cannot route private addresses across the Public Internet.
  • I don't see a route for 192.168.1.240/32, it appears to be a rule
  • Even if a route exists, a /32 cannot respond (a /32 is a single IP, hence no gateway)

Maybe a diagram will help?

It's still unclear what you're attempting to accomplish.

I want to make 192.168.1.240/32 go to the 192.168.168.10 gateway, and access the internet through a WireGuard tunnel.


To make a route config, please verify:

  • What interface does 192.168.168.0/24 exist on in the OpenWrt - WAN, LAN, or elsewhere?
  • What is the IP of the OpenWrt's side?

Where does the tunnel exist - on the OpenWrt?

If not, you also need to configure the upstream device.

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1504 qdisc mq state UP group default qlen 1000
    link/ether d8:47:32:ae:0b:e7 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::da47:32ff:feae:be7/64 scope link proto kernel_ll
       valid_lft forever preferred_lft forever
3: wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d8:47:32:ae:0b:e8 brd ff:ff:ff:ff:ff:ff
    inet 10.119.159.193/19 brd 10.119.159.255 scope global wan
       valid_lft forever preferred_lft forever
    inet6 fe80::da47:32ff:feae:be8/64 scope link proto kernel_ll
       valid_lft forever preferred_lft forever
4: lan1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether d8:47:32:ae:0b:e7 brd ff:ff:ff:ff:ff:ff
5: lan2@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br-lan state LOWERLAYERDOWN group default qlen 1000
    link/ether d8:47:32:ae:0b:e7 brd ff:ff:ff:ff:ff:ff
6: lan3@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether d8:47:32:ae:0b:e7 brd ff:ff:ff:ff:ff:ff
7: lan4@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether d8:47:32:ae:0b:e7 brd ff:ff:ff:ff:ff:ff
8: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether d8:47:32:ae:0b:e7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fd98:9da5:8505::1/60 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::da47:32ff:feae:be7/64 scope link proto kernel_ll
       valid_lft forever preferred_lft forever
9: wg: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1350 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 192.168.168.9/24 brd 192.168.168.255 scope global wg
       valid_lft forever preferred_lft forever


config 192.168.1.240:

ip ro
default via 192.168.1.1 dev ens33
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.240
root@debian:~# ip ru
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

#in /etc/config/network

config route
        option target '0.0.0.0/0'
        option interface 'wg'
        option table '1'

config rule
        option src '192.168.1.240/32'
        option dest '0.0.0.0/0'
        option priority '1'
        option lookup '1' #table no in route

  • Hope this helps
  • You may need to masquerade traffic egressing wg
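
Added example, not part of the original thread: a small Python model of the rule-then-table lookup that the config above sets up, together with the on-link gateway check raised earlier in the thread. Interface addresses come from the `ip a` output above; the `main` table entries, the WAN next hop 10.119.128.1 and the client 192.168.1.50 are assumptions, and the kernel's `local` table (priority 0) is left out.

```python
import ipaddress

# Router interfaces as shown in the `ip a` output in this thread.
INTERFACES = {
    "br-lan": ipaddress.ip_interface("192.168.1.1/24"),
    "wan": ipaddress.ip_interface("10.119.159.193/19"),
    "wg": ipaddress.ip_interface("192.168.168.9/24"),
}
# table -> [(destination, device, next hop or None)]. Table "1" mirrors the
# `config route` above; the "main" entries and the WAN next hop are assumed.
TABLES = {
    "1": [("0.0.0.0/0", "wg", None)],
    "main": [
        ("0.0.0.0/0", "wan", "10.119.128.1"),
        ("10.119.128.0/19", "wan", None),
        ("192.168.1.0/24", "br-lan", None),
        ("192.168.168.0/24", "wg", None),
    ],
}
# (priority, source selector, table). Priority 1 mirrors the `config rule`.
RULES = [(1, "192.168.1.240/32", "1"), (32766, "0.0.0.0/0", "main")]


def gateway_is_onlink(gateway, dev):
    """A next hop is usable only if it sits inside the subnet of `dev`."""
    return ipaddress.ip_address(gateway) in INTERFACES[dev].network


def lookup(src, dst):
    """Try rules in priority order; inside a table the longest prefix wins."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for prio, selector, table in sorted(RULES):
        if src_ip not in ipaddress.ip_network(selector):
            continue
        hits = [r for r in TABLES[table] if dst_ip in ipaddress.ip_network(r[0])]
        if hits:  # no matching route: fall through to the next rule
            _, dev, via = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return {"rule": prio, "table": table, "dev": dev, "via": via}
    return None


if __name__ == "__main__":
    print(lookup("192.168.1.240", "8.8.8.8"))   # the policy-routed host
    print(lookup("192.168.1.50", "8.8.8.8"))    # any other LAN client (constructed)
    print(gateway_is_onlink("192.168.168.10", "br-lan"))
    print(gateway_is_onlink("192.168.168.10", "wg"))
```
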

How to do it?

Assuming you placed your wg interface into a firewall zone, just enable masquerade on the zone (adding it to the WAN zone generally does it for you).

this?

Do not enable masquerade on LAN.

(Place wg into a different zone if need be.)

Also, those forwarding rules are wrong.

  • Forward should usually not be allowed from WAN.
  • You somehow deleted 'from LAN to WAN'.
  • You've added some invalid 'from LAN to LAN' rule

  • You need to allow forward from source: LAN


It didn't help

  • Provide output of: ip -4 route
  • And ip rule
  • And traceroute to 8.8.8.8 from Debian machine (SRC 192.168.1.240 device)
  • I assume wg is a commercial VPN already set up correctly?