Help with tcpdump output

I've got a problem with an internet connection that is causing corrupt downloads from selected locations notably the Norton antivirus update site.

I'm getting the following output from tcpdump when downloading: eg. wget

formatting link

]# tcpdump port 80 tcpdump: listening on eth0

00:15:02.467793 srv-001.34278 > 203.147.56.230.http: S 893928169:893928169(0) win 5840 (DF) 00:15:02.505943 203.147.56.230.http > srv-001.34278: S 2745254075:2745254075(0) ack 893928170 win 5792 (DF) 00:15:02.506041 srv-001.34278 > 203.147.56.230.http: . ack 1 win 5840 (DF) 00:15:02.506901 srv-001.34278 > 203.147.56.230.http: P 1:139(138) ack 1 win 5840 (DF) 00:15:02.559360 203.147.56.230.http > srv-001.34278: . ack 139 win 5792 (DF) 00:15:02.608380 203.147.56.230.http > srv-001.34278: . 1:1401(1400) ack 139 win 5792 (frag 48159:1432@0+) 00:15:02.609319 srv-001.34278 > 203.147.56.230.http: . ack 1441 win 8640 (DF) 00:15:02.637621 203.147.56.230.http > srv-001.34278: . 1441:2841(1400) ack 139 win 5792 (frag 48160:1432@0+) 00:15:02.638452 srv-001.34278 > 203.147.56.230.http: . ack 2881 win 11520 (DF) 00:15:02.666490 203.147.56.230.http > srv-001.34278: P 2881:4281(1400) ack 139 win 5792 (frag 48161:1432@0+) 00:15:02.667565 srv-001.34278 > 203.147.56.230.http: . ack 4321 win 14400 (DF) 00:15:02.754391 203.147.56.230.http > srv-001.34278: . 4321:5721(1400) ack 139 win 5792 (frag 48162:1432@0+) 00:15:02.755739 srv-001.34278 > 203.147.56.230.http: . ack 5761 win 17280 (DF) 00:15:02.783075 203.147.56.230.http > srv-001.34278: . 5761:7161(1400) ack 139 win 5792 (frag 48163:1432@0+) 00:15:02.784486 srv-001.34278 > 203.147.56.230.http: . ack 7201 win 20160 (DF) 00:15:02.812262 203.147.56.230.http > srv-001.34278: P 7201:8601(1400) ack 139 win 5792 (frag 48164:1432@0+) 00:15:02.813098 srv-001.34278 > 203.147.56.230.http: . ack 8641 win 23040 (DF) 00:15:02.841202 203.147.56.230.http > srv-001.34278: . 8641:10041(1400) ack 139 win 5792 (frag 48165:1432@0+)

and so on until:

00:15:25.127738 203.147.56.230.http > srv-001.34278: P 1023841:1025241(1400) ack 139 win 5792 (frag 48870:1432@0+) 00:15:25.156780 203.147.56.230.http > srv-001.34278: P 1025281:1026681(1400) ack 139 win 5792 (frag 48871:1432@0+) 00:15:25.156854 srv-001.34278 > 203.147.56.230.http: . ack 1026714 win 34560 (DF) 00:15:25.159200 srv-001.34278 > 203.147.56.230.http: F 139:139(0) ack 1026714 win 34560 (DF) 00:15:25.210642 203.147.56.230.http > srv-001.34278: F 1026714:1026714(0) ack 140 win 5792 (DF) 00:15:25.210696 srv-001.34278 > 203.147.56.230.http: . ack 1026715 win 34560 (DF)

There appears to be some strange fragmentation problem here, but I'm at a loss as to how to troubleshoot it further - any suggestions on decyphering this output, or where to go from here?