The script is currently generating a 512-bit (EDIT: 2048-bit after merging my pull request) DH modulus. DH over a finite field modulo a 512-bit prime is weak sauce, about as hard to break as a 56-bit or 64-bit key for a symmetric cipher.[1] You're using DH over a finite field, not ECDH.
Please upgrade your script to generate a 4096-bit DH modulus. EDIT: A 2048-bit safe prime provides over 100 bits of security and is much faster to generate.
I'm not sure why OpenSSL hasn't upgraded their default modulus size, but to have the same strength as a 150-bit symmetric cipher key, against the best attack techniques 2004 had to offer, you'd need about a 4575-bit DH modulus.[1] AES-128 is about as hard to break as a 3200-bit DH modulus given the best techniques of 2001.[2]
EDIT: Times to generate different sized safe primes on my MBP maxing out one core:
Please upgrade your script to generate a 4096-bit DH modulus. EDIT: A 2048-bit safe prime provides over 100 bits of security and is much faster to generate.
I'm not sure why OpenSSL hasn't upgraded their default modulus size, but to have the same strength as a 150-bit symmetric cipher key, against the best attack techniques 2004 had to offer, you'd need about a 4575-bit DH modulus.[1] AES-128 is about as hard to break as a 3200-bit DH modulus given the best techniques of 2001.[2]
EDIT: Times to generate different sized safe primes on my MBP maxing out one core:
512 bits = 0.5 sec
1024 bits = 0.8 sec
2048 bits = 2 min
3072 bits = more than 30 minutes
4096 bits = more than 60 minutes
[1] https://tools.ietf.org/html/rfc3766 (see table in section 5)
[2] http://tools.ietf.org/html/rfc3526