
Cisco ASA Port Access & Blocking

Cash2106
Level 1

Hi there,

Dear Professionals, I am using a Cisco ASA 5520 firewall.

Can anyone tell me how I can block all the ports for clients and give them access to only some specific ports? Please tell me.

8 Replies

I don't quite follow where you are accessing from. Is this from the internet to a server? From the inside interface to a DMZ? Please provide more details on what you are trying to achieve.

--
Please remember to select a correct answer and rate helpful posts

@Marius Gunnerud Suppose that in my network one client is using internet services through the Cisco ASA, connected via the inside interface network, and all I want is to block all ports for that client and only allow HTTP, POP, SMTP and any other specific port, so the client can use only the allowed ports.

All that is is an access-list permitting the host access to the ports you want (client IP as source, any as destination, and the destination port). Then, directly below these allow rules, you place a deny rule that has the client IP as source and any destination. I unfortunately do not have access to an ASDM at the moment, if that is what you are using, but it is quite simple to do in both ASDM and the CLI. Here is an example with the CLI:

access-list inside_in remark Allow this client only HTTP, POP3 and SMTP (first match wins)
access-list inside_in extended permit tcp host 1.2.3.4 any eq www
access-list inside_in extended permit tcp host 1.2.3.4 any eq pop3
access-list inside_in extended permit tcp host 1.2.3.4 any eq smtp
access-list inside_in remark Everything else from this client is dropped
access-list inside_in extended deny ip host 1.2.3.4 any
access-list inside_in remark Permit all other hosts full access
access-list inside_in extended permit ip any any
!
access-group inside_in in interface inside

If you already have an access-list configured on the interface, then the last command is not needed. Just add the access-list entries to the existing ACL.

--
Please remember to select a correct answer and rate helpful posts
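The reply above relies on the ASA evaluating an interface ACL top to bottom and stopping at the first matching entry, with an implicit deny at the end. The script below is an added example, not code from this thread or from Cisco: a small first-match evaluator that parses the exact access-list posted above and runs a few constructed flows through it, once in the posted order and once with the client deny placed below the catch-all permit. The client and destination addresses (1.2.3.4, 10.0.0.7, 203.0.113.x) are placeholders, and only the subset of `access-list ... extended` syntax used in the post is parsed. The same first-match logic applies to the object-based access-list posted later in the thread.

```python
"""First-match evaluation of an ASA-style interface ACL (added example).

Parses only the subset of 'access-list NAME extended ...' syntax used in the
thread: permit/deny, ip/tcp/udp, 'host A.B.C.D' or 'any' for source and
destination, and an optional 'eq <port-or-service>'. Addresses and flows are
constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional

# Service names from the thread resolved to ports, as the ASA does.
SERVICE_PORTS = {"www": 80, "http": 80, "https": 443, "pop3": 110,
                 "smtp": 25, "domain": 53}


@dataclass(frozen=True)
class Ace:
    action: str            # "permit" or "deny"
    proto: str             # "ip", "tcp" or "udp"
    src: str               # "any" or a host address
    dst: str               # "any" or a host address
    dport: Optional[int]   # None when no 'eq' clause is present


def parse_ace(line: str) -> tuple[str, Ace]:
    """Parse one 'access-list NAME extended ...' line into (acl_name, Ace)."""
    t = line.split()
    if t[0:1] != ["access-list"] or t[2] != "extended":
        raise ValueError(f"unsupported line: {line!r}")
    name, action, proto = t[1], t[3], t[4]
    i = 5

    def addr() -> str:
        nonlocal i
        if t[i] == "any":
            i += 1
            return "any"
        if t[i] == "host":
            i += 2
            return t[i - 1]
        raise ValueError(f"unsupported address in {line!r}")

    src = addr()
    dst = addr()
    dport = None
    if i < len(t) and t[i] == "eq":
        dport = SERVICE_PORTS.get(t[i + 1]) or int(t[i + 1])
    return name, Ace(action, proto, src, dst, dport)


def parse_acl(config: str) -> dict[str, list[Ace]]:
    """Collect the ACEs of each named ACL in configuration order; remarks are skipped."""
    acls: dict[str, list[Ace]] = {}
    for raw in config.splitlines():
        line = raw.strip()
        if not line.startswith("access-list") or " remark " in line:
            continue
        name, ace = parse_ace(line)
        acls.setdefault(name, []).append(ace)
    return acls


def evaluate(acl: list[Ace], proto: str, src: str, dst: str, dport: int) -> str:
    """Return 'permit' or 'deny' for a flow: the first matching ACE wins."""
    for ace in acl:
        if ace.proto not in ("ip", proto):
            continue
        if ace.src not in ("any", src) or ace.dst not in ("any", dst):
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        return ace.action
    return "deny"  # implicit deny at the end of every interface ACL


# The ACL from the reply above, with 1.2.3.4 standing in for the client.
POSTED_ACL = """
access-list inside_in extended permit tcp host 1.2.3.4 any eq www
access-list inside_in extended permit tcp host 1.2.3.4 any eq pop3
access-list inside_in extended permit tcp host 1.2.3.4 any eq smtp
access-list inside_in extended deny ip host 1.2.3.4 any
access-list inside_in extended permit ip any any
"""

# The same entries with the deny placed below the catch-all permit: a common
# mistake that silently leaves the client unrestricted.
MISORDERED_ACL = """
access-list inside_in extended permit tcp host 1.2.3.4 any eq www
access-list inside_in extended permit ip any any
access-list inside_in extended deny ip host 1.2.3.4 any
"""


def check(config: str) -> dict[str, str]:
    """Run constructed flows through the 'inside_in' ACL of the given config."""
    acl = parse_acl(config)["inside_in"]
    return {
        "client_http":  evaluate(acl, "tcp", "1.2.3.4", "203.0.113.5", 80),
        "client_https": evaluate(acl, "tcp", "1.2.3.4", "203.0.113.5", 443),
        "client_dns":   evaluate(acl, "udp", "1.2.3.4", "203.0.113.53", 53),
        "other_https":  evaluate(acl, "tcp", "10.0.0.7", "203.0.113.5", 443),
    }


if __name__ == "__main__":
    for label, cfg in (("posted", POSTED_ACL), ("misordered", MISORDERED_ACL)):
        print(label, check(cfg))
```

Two things the run makes visible: with the deny moved below `permit ip any any`, every flow from the client is permitted, so the order of the entries is the whole point of the rule set; and because the posted entries only permit TCP, the client's DNS queries (UDP/53) hit the deny, so browsing or mail by hostname will fail unless the host resolves names some other way. If that is not intended, a `permit udp host 1.2.3.4 any eq domain` entry above the deny restores name resolution without opening anything else.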

@Marius Gunnerud Can you please tell me how I can do that in ASDM, because it is easier for me to configure? Please tell me how I can configure it in GUI mode, please.

Please see the attached file for access rule configuration through ASDM.

--
Please remember to select a correct answer and rate helpful posts

@Marius Gunnerud You are a true gem... Thanks for your concern. I am really learning from everyone around, and I am getting more than what I expected to learn from here. Thanks a lot.

object network client
 host <client-ip>
!
access-list outbound extended permit tcp object client any eq http
!
access-group outbound in interface inside

This makes the client able to access HTTP only; other traffic will be dropped at the ASA.

@MHM Cisco World Thanks for your concern. Can you please tell me how I can do that in ASDM?
