We need to remove permissions to create the Tickets (IN ,RE, CHG, pr, iss All) and KD everthing but should be able to continue work on the current tickets, like log comments, notification, closure and sla should continue to work
You need to define a data partition condition (or modify the existing one) for the Insert operation to disable creation of new tickets with a condition that always returns false (like id=1). You'll need to add conditions for each type of ticket.
And how can I set permission so the ticket creation is allowed only thru webservices.
I don't think this will work, permissions (via Functional Access and Data Partitions) are applied regardless of the interface used (Web browser, Web Services, Maileater, etc.). You can't remove permissions from just one interface from the Administration.
And how can I allow creation and updating CMDB thru webservices not thru interface
Same answer as before.