you will have to put together an access-l on the inside interface of the firewall. It would be like this:

access-list 110 permit tcp ipaddressinside netmask host ipaddress_1 eq www

access-list 110 permit tcp ipaddressinside netmask host ipaddress_2 eq www

access-list 110 deny tcp ipaddressinside netmask host ipaddress_2 eq www

access-list 110 deny tcp ipaddressinside netmask host ipaddress_1 eq www

It would be a lot easier if the group of ip addresses are all within a subnet rather than just individual adresses.