can one help how to block icmp at router level.
you want to block other specific traffic:
deny udp|tcp source source-wildcard dest destination-wildcard eq|ge|le name|number
you need to know where the well known port stays because the port option allows to match source port if it is just after the source or the destination if it is at the end of the line
so you want to block telnet access from subnete to outside you use:
access-list 101 deny tcp 10.5.5.0 0.0.0.255 any eq 23
if you want to block outside from being able to telnet to hosts in the subnets you need
access-list 101 deny tcp 10.5.5.0 0.0.0.255 eq 23 any
This is the basics to perform per port filtering, most simple examples show only matching on destination port.
the new deny statements must be before the final permit ip any any or they will be not effective
Hope to help