OpenSprinkler does not use port 3040. If you have traffic successfully hitting port 3040 of the device (which it doesn’t listen on), then your firewall rules must be allowing 3040 (can you see the packet information?).

I noticed something interesting when reviewing your PCAP: the reply from is split into two packets (IDs 18 and 19 of the latest pcap). I did a capture on my home network and noticed the reply is contained in one packet. I am wondering if your firewall is somehow splitting the packets. This would likely cause an issue with the firmware reading the HTTP reply. Do you know why the packet might be getting split?

Update: I can confirm after reviewing my own packet capture, the VLAN tagging doesn’t matter. Mine also adds the 802.1Q header, so you can ignore this aspect of it.
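
Added example, not part of the original post and not OpenSprinkler firmware code: it shows why an HTTP reply delivered in two TCP segments would break a reader that assumes one read returns the whole response, and how reading until `Content-Length` is satisfied avoids that. The sample reply, `SegmentedStream` and the function names are constructed for illustration.

```python
# Constructed sample reply (not taken from the capture discussed above).
BODY = b'{"result":1}'
REPLY = (b"HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n"
         b"Content-Length: " + str(len(BODY)).encode() + b"\r\n\r\n" + BODY)

class SegmentedStream:
    """Stand-in for a TCP socket: each recv() yields one queued segment."""
    def __init__(self, segments):
        self._segments = list(segments)

    def recv(self, bufsize):
        return self._segments.pop(0) if self._segments else b""

def read_once(sock):
    """Naive reader: assumes a single recv() returns the whole reply."""
    return sock.recv(4096)

def read_full(sock):
    """Read until the header terminator, then exactly Content-Length bytes."""
    buf = b""
    while b"\r\n\r\n" not in buf:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("closed before end of headers")
        buf += chunk
    head, _, body = buf.partition(b"\r\n\r\n")
    length = 0
    for line in head.split(b"\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            length = int(value.strip())
    while len(body) < length:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("closed before end of body")
        body += chunk
    return head + b"\r\n\r\n" + body[:length]

def demo(reader, split_at):
    """Deliver REPLY as two segments and return what `reader` sees."""
    return reader(SegmentedStream([REPLY[:split_at], REPLY[split_at:]]))

if __name__ == "__main__":
    cut = REPLY.index(b"\r\n\r\n") + 4  # segment boundary right after the headers
    print("single read complete:", demo(read_once, cut) == REPLY)
    print("looped read complete:", demo(read_full, cut) == REPLY)
```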