I don’t know what else is there to answer about the purpose of a hardware firewall.
Hardware firewalls have their use cases, mostly overkill for homelabs and most companies but they have specific features you may want that are hard or impossible to get in other ways.
A hardware firewall may do the following things:
Run DPI and effectively block machines on the network to access certain protocols, websites, hosts or detect whenever some user is about to download malware and block it;
Run stats and alert sysadmins of suspicious behaviors like a user sending large amount of confidential data to the outside;
Have “smart” AI features that will detect threats even when they aren’t known yet;
Provide VPN endpoints and site-to-site connections. This is very common in brands like WatchGuard;
Higher throughput than your router while doing all the other operations above;
Better isolation.
An isolated device is the fact that you can then play around with your routers without having to think about the security as much - you may break them, mess some config but you can be sure that the firewall is still in place and doing its job. The firewall becomes both a virtual and a physical and physiological barrier between your network and the outside, there’s less risk of plugging a wire on the wrong spot or a apply a configuration and suddenly having your entire network exposed.
Sure you may be able to setup something on OpenWRT to cover most of the things I listed before but how much time will you spend on that? Will it be as reliable? What about support? A Pi-hole is also another common solution for those problems, and it may work until a specific machines devices to ignore its DNS server and go straight to the router / outside.
You can even argue that you can virtualize something like pfSense or OPNsense on some host that also virtualizes your router and a bunch of other stuff, however, is it wise? Most likely not. Virtualization is mostly secure but we’ve seen cases from time to time where a compromised VM can be used to gain access to the host or other VMs, in this case the firewall could be hacked to access the entirety of your network.
When you’ve to manage larger networks, lets say 50* devices I believe it becomes easier to see how a hardware firewall can become useful. You can’t simply trust all those machines, users and software policies in them to ensure that things are secure.