you will have to put together an access-l on the inside interface of the firewall. It would be like this:
access-list 110 permit tcp ipaddressinside netmask host ipaddress_1 eq www
access-list 110 permit tcp ipaddressinside netmask host ipaddress_2 eq www
access-list 110 deny tcp ipaddressinside netmask host ipaddress_2 eq www
access-list 110 deny tcp ipaddressinside netmask host ipaddress_1 eq www
It would be a lot easier if the group of ip addresses are all within a subnet rather than just individual adresses.