Foremost custom file type not accepted by -t argument

I stumbled across the exact same issue and dug a little deeper into it by looking through the foremost sources.

It turns out custom types added using the configuration file cannot be selected with the -t option. Your files will be found if you define the hpp type in /etc/foremost.conf and use

foremost -v -T -c /etc/foremost.conf -i /dev/md0 -o /home/recover/

This will also recover files matching all builtin types which will probably mean a lot of files. To work around that, patch the sources to not include any of the builtin types when using -t all (equivalent to not using -t at all). In state.c, at the end of the set_search_def function, init_all is called if strcmp(ft, "all") == 0. Simply comment out the call to init_all and the builtin types will not be used anymore.

Create a new .conf file and remove everything in it except the settings for the type you need. an example would be (foremost_pde.conf):

pde y   200000  #include    #include    ASCII

make sure you delete all tab or space characters at the start of the line or otherwise the line will not be recognised. Save and close the conf file at a user location (e.g. ~/Desktop). Now use:

foremost -v -T -c ~/Desktop/foremost_pde.conf -i /dev/md0 -o /home/recover/